MAPLESHIELD ADVISORY  ·  ORGANIZATIONAL RESILIENCE  ·  ENTERPRISE RISK  ·  RPAA  ·  INCIDENT MANAGEMENT  · 

Strengthening resilience
and protecting
what matters.

Risk advisory for organizations that want risk management to be a genuine business capability.

Our Services Speak with Us
Practice Areas

Three pillars.
One program.

We work across enterprise risk strategy, operational governance, and incident management — independently or together.

Enterprise Risk Strategy
Pillar I

Enterprise Risk Strategy

Risk appetite your board can stand behind.

  • Risk appetite framework design
  • Targeted risk assessment & decision analysis
  • Board and committee reporting
  • Risk training & capability enhancement
Start a conversation
Operational Risk Governance
Pillar II

Operational Risk Governance

Controls that survive an audit — and Monday morning.

  • Op risk framework design & embedding
  • RCSA methodology & facilitation
  • Third-party & vendor risk program
  • Regulatory compliance (RPAA, PCMLTFA, PIPEDA)
Start a conversation
Incident Management
Pillar III

Incident Management

Most organizations discover their gaps during an incident.

  • Incident response playbook development
  • Crisis escalation & communication protocols
  • Tabletop exercises & scenario testing
  • Regulatory notification design
Start a conversation
Regulatory Practice

RPAA.
More than
a filing.

Registration is the beginning — not the end. We help PSPs register, build compliant programs, and stay ready for Bank of Canada scrutiny.

Talk to Us
Key Dates
Jun 2021RPAA receives Royal Assent
Nov 2024Registration portal opens
Sep 2025Registration deadline
2026+Active BoC supervision
Three Compliance Pillars
Pillar I

Registration

Scope determination, form preparation, change management.

Pillar II

Op Risk & Incident Response

Framework design, TPRM, BCP/DR, incident playbooks.

Pillar III

Safeguarding

Trust account setup, reconciliation, audit documentation.

Foundation

Basic Compliance

Register and meet minimum obligations.

  • Scope assessment & registration
  • Baseline op risk policies
  • Incident response template
Enquire
Enhancement

Compliance Enhancement

Mature and embed your program.

  • Full op risk framework
  • TPRM program build
  • BCP/DR & tabletop simulation
  • Ongoing advisory retainer
Get Started
Advanced

Remediation & Exam Prep

For PSPs facing scrutiny or significant gaps.

  • BoC examination readiness
  • Regulatory response strategy
  • Independent expert review
Contact Us
Who we serve

Senior expertise
for complex
organizations.

Leadership teams navigating real regulatory complexity — not a junior team with a template.

Payment Service Providers

Fintechs and processors navigating RPAA for the first time.

Financial Institutions

Banks and credit unions strengthening risk governance.

Complex Enterprises

Organizations where a risk event could materially disrupt the business.

Boards & Leadership Teams

C-suites that want governance structures that hold up under scrutiny.

Start a Conversation

Let's talk
about your
risk program.

A direct, no-obligation conversation with a senior advisor.

Generaladvisory@mapleshield.ca
RPAArpaa@mapleshield.ca
OfficesToronto · Ottawa · Montréal

Book a Discovery Call

A senior advisor will respond within one business day.

Response within one business day.