Components

Risk Type / Risk Category / Specific Risk

1. Inherent
   Risk categories:
     1. Business activity
     2. Strategic management
   Specific risks:
     1. Lines of business
     2. Financial products offered
     3. Profile of clients
     4. Existence of branch network
     5. Size of Dealer Member
     6. Advertising and sales practices
     7. Performance incentives
     8. Disclosure adequacy of product literature
     9. Business strategies and decisions

2. External Risk Factors
   Risk categories:
     3. Operating environment
   Specific risks:
     10. Corporate structure & ownership
     11. Economic and political environment

3. Internal Risk Factors
   Risk categories:
     4. Quality of management and staff
     5. System Adequacy
     6. Procedures Adequacy
   Specific risks:
     12. Experience of Chief Compliance Officer
     13. Adequacy of compliance resources
     14. Professionalism of management and staff
     15. Reliance on key personnel
     16. Availability of system technology
     17. Adequacy of carrying broker support

 

Risk Control Category / Specific Risk Category

1. Board, management and staff
   1. Corporate governance effectiveness
   2. Management and staff culture

2. Risk management and control
   3. Adequacy of corporate business conduct compliance function
   4. Quality of internal controls
   5. Evidence of regulatory compliance
   6. Evidence of litigation and client complaints
   7. Documentation of operating procedures


Adequacy of carrying broker support
The risk that a third party fails to provide services as contracted or otherwise has sub-optimal performance.

Consideration is given to the support for business conduct purposes provided by the carrying broker.

Adequacy of compliance resources
The risk of not having sufficient management and staff to ensure operating and compliance procedures and risk management practices are effectively carried out.

Adequacy of corporate business conduct compliance function
The risk associated with dealer member firm head offices not effectively supervising the sales function.  Consideration is given to the overall adequacy and experience of designated compliance officers, extent and frequency of compliance reviews performed and adequacy of corporate sales policies and procedures.

Advertising and sales practices
The risk associated with unethical, inappropriate or aggressive advertising and sales practices.

Inappropriate practices include providing false or exaggerated information about the firm’s abilities to generate a return on investments, cold-calling clients using high-pressure sales tactics and providing guarantees to customers.

Availability of system technology
The risk related to the existence and availability of information technology for the business conduct needs of the firm.

Board, management and staff
The risk that the governance structure and process, as well as culture or values held by the board of directors, management and staff of the dealer member firm, are not aligned with effective risk management.

Business activity
The risk that arises from the nature of the dealer member firm’s business activity. It relates to the inherent business exposure associated with providing a particular product or service, taking into consideration the type and complexity of the business.

Business strategies and decisions
The risk that the business strategies adopted by the dealer member firm are sub-optimal.
Consider the ability to identify the need for change and the robustness of the business planning process.

Corporate governance effectiveness
The risk that the governance structure and process are ineffective in ensuring effective corporate governance, including the timely, proactive flow of relevant (risk) information to all key stakeholders and the "tone at the top".

Corporate governance is the process which guides the business affairs of the Dealer Member.  It is a set of relationships amongst the Dealer Member’s management, board of directors, shareholders and stakeholders (including its regulator, IIROC) and a means to attain corporate objectives and monitor performance.

Effective corporate governance at a Dealer Member may be evidenced by a combination of the following characteristics:

  • Sufficient number of qualified directors on the board based on size of firm.
  • Appropriate ratio of the number of independent (‘outside’) directors to affiliated directors.
  • Separation of board chair and Chief Executive Officer.
  • Board appoints senior management team and determines their compensation.
  • Frequent (i.e. monthly) board meetings with documented agenda, minutes, resolutions and voting.
  • Existence of board committees (i.e. executive, audit and finance, human resources, compensation, and risk management) whose composition includes members with subject matter expertise.
  • Board oversees corporate compliance program by reviewing regular reports on compliance with regulatory rules, adequacy of internal controls and risk management.
  • Board approves corporate strategic plan and monitors performance.

Owner/managed Dealer Members may also evidence effective corporate governance by:

  • Demonstrating their direct involvement in identifying and in monitoring the principal risks faced by the firm.
  • Establishing, maintaining, and monitoring a compliance program that identifies and addresses material risks of non-compliance.
  • In the absence of adequate segregation of duties, direct involvement in the daily supervision of the financial, trading and compliance functions of the firm.
  • Existence of a written annual strategic plan of the firm and documented regular performance monitoring.
  • Appointing outside directors (where practical).

Corporate structure and ownership
The risk associated with the complexity of the dealer member firm’s corporate structure. Specifically, the risk relates to the extent to which the group as a whole has the opportunity to engage in inappropriate related party transactions or would be exposed to conflict of interest situations.

Consideration is given to the nature of ownership (e.g. externally-owned vs. one internal-owner firm), nature and rationale for the group structure, the degree of wider group control and influence on directing business activity, the frequency, size and nature of related party transactions as well as the influence of other regulatory regimes (or lack of) on the activities of the group.

Disclosure/adequacy of product literature
The risk associated with not providing customers with sufficient product literature that accurately reflects the risk and return associated with a particular financial product or service. Consider the language used in the product and service literature provided to the customer.

Documentation of operating procedures
The risk of not having formal and effective policies, procedures and practices to ensure the reliability of processes and complete financial, client, performance and management reporting, business continuity, etc.

Economic and political environment
The risk that economic and political changes in the global, national or regional environment will adversely impact the industry sector(s) and specifically the potential performance of the dealer member firm.

Existence of branch network
The risk that there is ineffective supervision at the branch levels.

Consideration is given to whether the dealer member firm has designated branch managers or other personnel to monitor client account activities, the adequacy of management reports, and the extent and frequency of supervisory monitoring at the branch level.

Experience of Chief Compliance Officer
The risk of management and staff not having adequate knowledge and experience to carry out their responsibilities effectively.  Consideration is given to the tenure, the rate and level of CCO turnover and the factors that precipitated the turnover.

External Risk Factors
Relate to the dealer member firm’s strategic fit with its external environment and effectiveness in responding to external influences.

Evidence of litigation and client complaints
The risk reflects the probability of the dealer member firm not complying with appropriate practices as reflected by pending litigation and client complaints.  Consideration is given to the number and nature of pending litigation and client complaints.

Evidence of regulatory compliance
The risk is associated with the dealer member firm’s ability to understand, acknowledge, and respond to evolving regulatory requirements and ensure compliance with the regulatory environment.

Consideration is given to the number and seriousness of significant items reported in business conduct examinations.

Financial products offered
The risk associated with the intrinsic nature of the financial products offered by the dealer member firm.

The risk is impacted by the diversity and complexity of financial products offered.

Inherent Risk
Inherent risk is the pure risk that is intrinsic to the specific business of the dealer member firm, without considering the impact of any related internal controls, established policies and procedures, or risk management practices.

Internal Risk Factors
Relate to the dealer member firm’s ability to operate effectively and efficiently based on its resources and processes.

Lines of business
The risk associated with the nature of the lines of business in which the dealer member firm is engaged.

The risk is impacted by the diversity and complexity of the lines of business such as corporate finance, margin lending, underwriting, research, manager of non-prospectus products, fee-based accounts, manager of prospectus funds, agency trading and proprietary trading.

Management and staff culture
The risk that management culture does not foster and promote an environment of adherence to business conduct and control consciousness.  The risk is impacted by the appetite for risk, the level of d, the professional conduct of management and staff on the whole.

Consideration is given to the attitude towards risk management and controls, towards supervision and relationship with regulators, willingness and ability to keep abreast of current issues and concerns, as well as fostering a positive learning environment (from mistakes and errors).

Operating environment
The risk that external factors impact the dealer member firm’s status quo resulting in the need to respond to such changes in the operating environment.

Performance incentives
The risk associated with providing sales personnel with unrealistic, misunderstood and inappropriate performance incentives, which could lead personnel to act in a manner inconsistent with the firm’s objectives, strategies and ethical standards or with prudent business practices.

Procedures adequacy
The risk that operating procedures are insufficient and/or not followed, resulting in the failure to completely and accurately process, account for and report on transactions. The focus is particularly on transactions that impact cash, securities and client accounts.  The risk is impacted by inaccurate data or process failure (including information flow, decision making processes, etc.).

Professionalism of management and staff
The risk that management and/or staff behave in a manner that puts the dealer member firm's or their own interests before those of their clients, willfully contravene laws and regulations, or engage in fraudulent or unethical practices.

Profile of Clients
The risk inherent to the types of clients that the dealer member firm has and their associated vulnerability.

The risk is impacted by the nature of the client base (e.g., retail vs. institutional).

Quality of internal controls
The risk associated with poorly designed or implemented internal controls.  Consideration is given to the adequacy of documented internal control policies and procedures, effectiveness of the internal audit function, effectiveness of trade reviews and veracity of stringent hiring practices.

Quality of management and staff
The risk of not having the right people with the appropriate skills and attributes in the right jobs to operate effectively.

Reliance on key personnel
The risk associated with heavily relying on one person in a key position or function (e.g. supervisory function).  Consideration is given to the availability of back-up for the position, effectiveness of succession planning and/or the adequacy of cross-training provided to other individuals, which impact the risk.

Risk management and control
The risk that risk management practices and internal controls of the dealer member firm are not effective due to inadequate/inappropriate design and/or ineffective execution, thus affecting the reliability of reported financial information and/or the safeguarding of assets.

Size of Dealer Member
The risk associated with the size of the dealer member’s business (number of registered employees) which is supported by the firm’s RAC.

Strategic management
The risk that the business strategies adopted, and/or decisions made, by the dealer member firm are sub-optimal.
Consideration should be given to the dealer member firm’s ability to identify the need for change, and the frequency of changes to strategic direction, and the robustness of its business planning process.

System adequacy
The risk that arises from the dealer member firm’s reliance on computer and information systems in its daily operations.  It represents the risk that those application and information systems are: inadequate in meeting business needs, unreliable or do not fulfill their goals, and/or unavailable to adequately support operations.