Annual Consolidated Compliance Report

12-0359
Type: Rules Notice> Guidance Note
Rule connection:
UMIR
10.1 Compliance Requirement
10.16 Gatekeeper Obligations of Directors, Officers and Employees of Participants and Access Persons
Distribute internally to:
Corporate Finance
Institutional
Internal Audit
Legal and Compliance
Operations
Registration
Regulatory Accounting
Research
Retail
Senior Management
Trading Desk
Training

Contact:

Louis Piergeti
V.P. Financial and Operations Compliance
Telephone:
Email:
Mike Prior
V.P. Market Surveillance
Telephone:
Email:
Victoria Pinnington
V.P. Trading Review & Analysis
Telephone:
Email:
Joe Yassi
V.P. Business Conduct Compliance
Telephone:
Email:

IIROC is pleased to present the Annual Consolidated Compliance Report for 2012. The Annual Consolidated Compliance Report is designed to assist IIROC regulated firms (Dealers) in ensuring that their compliance systems and controls satisfy regulatory expectations. The Report is an important tool that we use to promote higher industry standards, improve investor protection and strengthen market integrity.

IIROC continues to enhance our compliance and examination program to reflect changes in market structure, business risks, investment products, demographics and corporate priorities.  IIROC uses a risk-based methodology in its regulatory operations and in assessing the financial condition, business conduct and trading conduct of Dealers. This risk-based approach to regulation allows IIROC to allocate regulatory resources to firms and issues that have a higher potential to cause risk to the public.  This also helps Dealers identify areas where they should be devoting more of their supervision, compliance and risk management efforts.

IIROC has also implemented a top-down approach in Financial and Operations Compliance and Business Conduct Compliance which guides examination staff as to the scope and extent of testing.  More time is spent on the planning stages of an examination, followed by an assessment at the Dealer as to whether the control and supervisory infrastructure at the Dealer can be relied upon.  This will enable examiners to determine the extent of and undertake substantive sampling on a targeted basis.

To achieve greater efficiency and effectiveness, we have developed integrated Financial and Operations Compliance, Business Conduct Compliance and Trading Conduct Compliance examinations, which we have started implementing with high-risk firms.  This provides IIROC with a complete picture of the Dealer’s business activities and enables the firm to deal with one set of information and other requests.  The Dealer will be provided with a consolidated examination report at the completion of the examination.

IIROC’s regulatory approach recognizes that there may be different ways to implement an effective supervision, compliance and risk management framework to monitor and comply with IIROC rules and applicable securities laws, and adopt industry best practices.  The compliance program incorporates an appropriate measure of regulatory flexibility in the ways in which a Dealer may demonstrate compliance and supervision of their regulatory responsibilities.

This Report outlines the key areas that the examination teams from our Financial and Operations Compliance, Business Conduct Compliance, Trading Conduct Compliance and Trading Review & Analysis groups will focus on in the current round of examinations. The key areas of focus are:

  • Non-arm’s length investment products
  • Know-Your-Client (KYC) documentation
  • Review of the practices of order-execution only service firms
  • Capital and liquidity risk management
  • Use of free credit balances
  • Transition to International Financial Reporting Standards (IFRS)
  • Outsourcing
  • Books and records
  • Borrowing for investment purposes
  • Manipulative and deceptive trading practices
  • Electronic trading controls
  • Marketplace disclosure
  • New order marking requirements related to short sales
  • Extended Failed Trades Reporting (EFTR)
  • Guaranteed prices and trade variation and cancellation reporting

The Report also lists common deficiencies noted in the previous examination cycle. IIROC staff expects Dealers to ensure they have adequate systems for supervision, compliance and risk management to address these issues and to ensure that repeat findings do not occur.

IIROC staff recognizes that in the current economic environment there are challenges on a Dealer’s resources and business activities.   However, this does not diminish the responsibilities of Dealers to have strong and effective compliance and risk control systems in place.  As many firms are now reviewing their current business models and looking for ways to effectively contain and reduce costs or alter business lines to meet the changing business environment, it is important for all firms to maintain a robust, effective compliance and risk management framework.  For additional guidance on our expectations, please consult IIROC Notice 09-0100 “Maintaining an effective compliance regime during economic and market downturns”.

Key IIROC Examination Priorities for 2012-2013

  1. Non-arm’s length investment products

IIROC’s Business Conduct Compliance department is conducting a targeted review on the distribution of non-arm’s length investment products.  We generally refer to non-arm’s length products as products issued by the Dealer itself, an issuer, or a selling security holder with which a Dealer does not deal at arm’s length, is related through common ownership or otherwise connected.1

The objective of the review is to determine the extent to which Dealers who distribute non-arm’s length products have adequate controls for the distribution and supervision of these products.  In particular, staff will be looking at Dealers’ controls regarding:

  • Conflict of interest assessment (as required by IIROC Rule 42 and Client Relationship Model Guidance 12-0108), in force as of March 26, 2012;
  • Product due diligence (Guidance Notes 09-0087 and 10-0234); and
  • Know-Your-Client and suitability (Client Relationship Model Guidance 12-0109).
  1. Know-Your-Client documentation

The Client Relationship Model provides for enhanced obligations on Dealers and Registered Representatives regarding suitability and KYC effective March 2013.  Business Conduct Compliance has undertaken a review of best practices and approaches of a cross section of Dealers with respect to the current KYC process.  The results of the review will inform policy development, with a view to issuing a Guidance Note for comment on best practices with respect to the elements of KYC in early 2013.2

  1. Order-execution only services

In the last Annual Consolidated Compliance Report released in November of 2011, Business Conduct Compliance staff highlighted a number of findings relating to suitability exempt platforms. Staff continued to find evidence of similar issues over the 2011-2012 examination cycle.

IIROC Rule 1300.1(t) and 3200 set out the documentary, procedural and system requirements for Dealers to accept orders from a customer without a suitability determination.  Approval for a Dealer to provide an order-execution only service is predicated on the requirement that no recommendation be provided by the Dealer.

While IIROC recognizes that Dealers want to assist their clients in improving their investment knowledge and attaining their investment goals, order-execution only Dealers must ensure they are not providing recommendations.  Whenever a recommendation is made or advice given, a suitability determination is required.3

As we continue to find evidence of compliance issues regarding Rule 1300.1(t) and Rule 3200, Business Conduct Compliance staff will undertake a review of the practices of order-execution only services platforms over the next year. These examinations will include reviews of client “planning tools”, online tutorials, third-party links, referral arrangements and client questionnaires used by Dealers, and will look at how these tools and services are being offered and marketed.  Staff will also be looking at potential trading issues arising at order-execution only firms.

  1. Capital and liquidity risk management

The IIROC capital formula is designed to ensure that firms have sufficient liquid assets to meet their obligations, but remain flexible enough so as to not prohibit or severely restrict any particular type of transaction within the bounds of good business practice.

The management of the sources and uses of liquidity, also referred to as “cash management”, is critical to a self-clearing firm to ensure that it has sufficient funds to meet customer obligations on demand and withstand any unexpected business disruptions in its normal daily operations.

Given the current volatile economic environment, Financial and Operations Compliance staff will focus on the risk management of liquidity capacity of self-clearing firms in their examinations in the coming year.

  1. Free credits

IIROC Financial and Operations Compliance staff has recommended that Dealers limit their client free credit balance usage to 12 times their current early warning reserve level as a more restrictive standard than the current rule set out in Statement D of Form 1.  All Dealers with customer free credits have agreed to voluntarily comply with this recommendation and have evidenced this with changes to internal policies and procedures and/or a confirmation agreeing to comply signed by a senior official of the firm. IIROC has developed an alert to its regulatory financial reporting system (SIRFF) to flag any firm that exceeds the revised “12 times EWR” client free credit usage limit.   IIROC examinations in the upcoming cycle will focus on compliance by all firms with this higher standard.  This is an interim measure to address leverage risk resulting from Dealers using customer deposits pending IIROC rule proposals in this area, to be published for comment in 2013.

  1. International Financial Reporting Standards

As of April of 2012, all Dealers are providing IFRS based financial reporting. With the transition to IFRS being completed, IIROC Compliance and Operations staff are focused on ensuring consistent application of the new accounting standards.  To this end, we have instituted new examination procedures as part of our information-gathering process.  Staff will continue to be on the alert for any unintended consequences to the regulatory thresholds as a result of the IFRS conversion.4

  1. Outsourcing

In the past year, IIROC has taken regulatory intervention measures to identify and protect client assets as a direct result of the “knock down” impact of the bankruptcy filing of foreign regulated affiliates of IIROC Dealer firms. 

These events have put a regulatory spotlight on outsourcing arrangements that Dealers have in place with third parties that act as custodian for customer fully paid securities and/or hold customer margin deposits in an omnibus trading account on behalf of the Dealer.  These assets are frozen whenever there is a bankruptcy proceeding involving the third party service provider. 

IIROC has issued proposed Guidance Note 12-0311 for public comment. The objectives of the Notice are to:

  • summarize the existing IIROC requirements and guidance on entering into and maintaining outsourcing arrangements;
  • identify Dealer business activities that may be outsourced and business activities that may not be outsourced;
  • set out IIROC expectations as to the appropriate due diligence procedures that must be undertaken by IIROC Dealers before outsourcing any business activity; and
  • set out IIROC’s intention to propose rules relating to outsourcing.

This Notice assists Dealers in identifying regulatory functions that may be outsourced and the risks that must be effectively managed with any outsourcing arrangement. The Notice lists critical issues that must be addressed in any outsourcing agreement and also provides examples of domestic and international industry best practices to help firms establish an appropriate risk management infrastructure for outsourced functions.

  1. Books and records

There is also increasing focus on customer books and record data of Dealers that reside on accounting systems that were physically located on computer servers outside the control of the Dealer. In one situation, the appointed trustee in Canada was restricted from accessing and taking control of Canadian customer records.

To address this issue, IIROC will be introducing new books and record rule amendments requiring Dealers to maintain full control over its customer records running on shared computer systems with any affiliate or third party.  Customer records of the IIROC Dealer must be separate and distinct from all other affiliates’ customer records.  If the Dealer maintains customer records using the same brokerage accounting operating system, a back-up must be maintained on a server located at the central office location of the Dealer.  These amendments will serve to facilitate an orderly transfer of customer accounts and liquidation, in the event such actions are required in future.

  1. Borrowing for investment purposes - suitability and supervision

In July of 2012, IIROC issued draft Guidance Note 12-0208 for comment - regarding borrowing for investment purposes.  The Notice outlines the obligations in IIROC rules and other securities regulations, and provides guidance on best practices that may be adopted by Dealers to ensure proper supervision of client accounts that employ a leveraging strategy. The Business Conduct Compliance staff will conduct reviews focused on these issues in the upcoming examination cycle.

 Some of the key concepts that Dealers should keep in mind are:

  • On-Book and Off-Book Borrowing: Clients may engage in leveraged strategies either through margin loans advanced by the Dealer (“on-book” borrowing) or through loans advanced by third parties (“off-book” borrowing).  In either case, where a recommendation is made, or the firm becomes aware of a client’s intent to use a leveraging strategy, the Registered Representative or the firm has a responsibility to ensure that suitability obligations and other responsibilities under IIROC rules are satisfied.
  • Maintaining a Supervisory Framework for Leveraging Strategies: IIROC expects all Dealers to have sound policies and procedures on borrowing to invest strategies.  These policies and procedures must detail how the firm will evaluate the risks related to particular recommendations, how suitability will be supervised and how evidence of supervision will be maintained.  Dealers are expected to demonstrate that their leveraging supervisory policies and procedures address all aspects of suitability including leverage amount, debt servicing ability and suitability of investments and strategy.
  1. Manipulative and deceptive trading practices

As part of each trade desk review undertaken by IIROC staff, the policies and procedures that have been adopted by each Participant will be reviewed in regard to their adequacy to detect and prevent violations of marketplace requirements in light of the type and volume of business undertaken by the Participant. Participants must have systems that are sufficient to properly detect and prevent potential trading abuses.

  1. Electronic trading controls

On March 1, 2013, National Instrument 23-103, the Electronic Trading Rule, will become effective. At the same time or shortly after, proposed UMIR amendments that parallel the National Instrument changes will also become effective. The amendments, which apply to all forms of electronic trading on marketplaces (not only direct electronic access) require that a Participant or Access Person adopt, document and maintain a system of risk management and supervisory controls, policies and procedures designed to ensure the management of the financial, regulatory and other risks associated with access to one or more marketplaces; and, if applicable, the use by the Participant, Access Person or any client of an automated order system. Trading Conduct Compliance staff will review Dealer compliance with the new requirements in the upcoming examination cycle.

IIROC staff has found a number of Dealers that have been providing clients with direct electronic access to marketplaces outside of either Direct Market Access (DMA) arrangement or an order execution service. These firms were operating under the belief that the existence of robust filters designed to intercept orders exceeding pre-set size and/or value thresholds rendered all activity from these clients as non-DMA. Orders that were not intercepted by the filters and were routed directly to marketplaces were considered “low-touch” rather than DMA.   

At this time, the only way that an order may be routed directly to a marketplace without review and acceptance by a registered individual is under a DMA Agreement or in an order execution account. Firms should review existing access arrangements with their clients to ensure that direct access is only provided under the appropriate circumstances.5

  1. Marketplace disclosure on client confirmations

The current multiple marketplace environment has presented challenges for some firms in complying with the requirements of IIROC Rule 200.1(h), and, in particular, the requirement to identify the marketplace where a client’s trade was executed. Effective October 15, 20126 , Dealers now have the option of utilizing a generic disclosure without identifying all of the marketplaces of execution.  However, Dealers will have to ensure that they have the ability to efficiently provide the details of execution to a client if requested.

  1. New short marking exempt marker

On October 15, 2012, the requirement to properly mark orders that are exempt from short sale marking became effective.  The introduction of the Short-Marking Exempt or “SME” marker on purchase or sale orders for particular types of accounts was to reduce the “noise” of short selling that results from non-directional trading strategies and enhance IIROC’s ability to monitor for abusive short selling and manipulation.   Staff will be including examination steps to ensure that firms have policies and procedures in place to supervise for correct application of this marker.7

  1. Extended failed trades reporting

The requirement to report to IIROC certain extended failed trades became effective June 1, 20118 . This phase of the Extended Failed Trade Reporting requires each Participant or Access Person to report to IIROC certain details of any trade which remains unsettled 10 trading days following the settlement date. The current reporting obligation extends to trades which occur in either a Cash Account or a Long Margin Account. In the period November 1, 2011 through August 31, 2012:

  • A total of 282 extended failed trade reports were received, involving a total of 173 different securities.
  • The average time to “cure” an extended failed trade was 7.73 days following the initial report.
  • Total extended failed trade reports per month ranged from a low of 17 to a high of 44.
  • 18 different Participants were responsible for all the reports.
  • Total reports received by each of the 18 reporting Participants over the period ranged from a low of 1 to a high of 126.

IIROC believes that the 18 Participants who reported over the period may not accurately represent the number of firms that experience reportable extended failed trades from time to time. Accordingly, IIROC has added a component to its Trading Conduct Compliance examination process to include a review of a firm’s compliance with its extended failed trade reporting obligations.

  1. Guarantee of trade prices and trade variation or cancellation

During the previous examination cycle, the Trading Conduct Compliance program included reviews to address new requirements regarding the Guarantee by Participants of Trade Prices9  and the Variation or Cancellation of Trades10 .  Dealers should also take note that Staff will be reviewing firm processes in place to comply with these requirements. 

Results of recent targeted reviews/surveys

  1. Complaint handling survey regarding IIROC Rule 2500B

In fiscal year 2012, Business Conduct Compliance staff conducted a targeted review of Dealer policies and procedures on the handling of client complaints. Data was collected through a survey of Dealer firms with retail clients, and from 47 compliance examinations conducted in fiscal year 2012.

The results of the survey and compliance reviews indicate good overall compliance with the Rule. However, certain areas were noted where some of the Dealers could improve. There were instances at some Dealers and/or in respect of certain accounts where non-compliance was noted.  The most common deficiencies have been compiled from the Dealer survey and compliance examinations and are set forth below: 

  • Failure to update written policies and procedures to reflect all aspects of Rule 2500B.  Policies and procedures must address the following:
    • the fair and thorough investigation of the complaint;
    • the process by which an assessment is made regarding the merit of the complaint;
    • where the complaint is determined to have merit, the process to be followed in determining what offer should be made to the client; and
    • the remedial actions which may be appropriate to be taken within the firm.
  • Failure to provide a written summary of the firm’s complaint handling procedures to new clients at time of account opening or failed to make their procedures available to their clients on an ongoing basis.
  • Failure to provide an explanation of the Dealer’s internal complaint handling process in their complaint acknowledgement letters.
  • Failure to include in the Dealer’s substantive response a description of the options available to the client to further pursue the complaint.
  • Failure to retain adequate documentation in each complaint file.11
  1. Titles and designations

In IIROC’s last Annual Consolidated Compliance Report, IIROC announced the commencement of a targeted survey on Titles and Designations.  The initiative was undertaken, in part, in response to the proliferation and use of titles and designations by registrants.  IIROC will report on the results of its review in a Guidance Note to be issued for comment in December 2012.   Also, in an effort to provide greater transparency and understanding about the different designations which appear to be in use on the IIROC platform, IIROC is preparing a glossary of common designations that we will make available on our website.  The bilingual glossary will include information about the financial designation, including the name of the issuing organization and educational requirements.  The glossary is intended to be a tool to help investors make more informed choices when selecting or working with an advisor.   IIROC’s Business Conduct Compliance team has enhanced its modules to monitor firms’ activities in this area in the next cycle of compliance examinations. 

  1. Account intrusions

In the spring of 2011, IIROC staff conducted a survey of Dealers offering discount brokerage services with respect to the measures in place to prevent and detect on-line account intrusions.  A brief summary of the results is below:

  • Firms have a variety of controls in place to prevent compromised accounts including real-time alerts to detect unusual activity in accounts designed to alert for abnormal deviations from a client’s normal trading patterns; two factor authentication; the option for clients to participate in more robust security such as secure transaction programs; and free downloads of software for clients to install on their computers to provide extra protection.
  • Firms undertake identification of potential account intrusions either through real-time monitoring or post-trade compliance reviews.
  • Firms have procedures in place to identify remedial steps to be taken once an account has been identified as compromised, including such controls as suspending accounts, requiring clients to set new passwords, and requiring accounts to create new accounts.
  • Almost all firms maintain a record of the IP address used by the client to access their account but few block access or require further authentication if an unrecognized IP address is used.  Most firms monitor lists of known fraudulent IP addresses and have the ability to block access to their systems.

IIROC expects any Dealer that has experienced problems with account intrusions to file a Gatekeeper Report with IIROC.  This is important for IIROC to assess any potential harm to clients and/or market integrity.

Other common/significant deficiencies noted in the 2011-2012 examination cycle

At the end of the each examination conducted by IIROC staff, the Dealer is provided with a written compliance report, which sets out the findings and recommendations by staff.  IIROC staff also conducts an exit interview with the Dealer’s management team and the Dealer must file a response setting out the actions that have already been or planned to be undertaken to address the findings.   Almost all Significant Findings are resolved by the Dealer within the agreed upon time, depending on the extent and nature of the findings.   Findings are followed up by IIROC staff within a certain period or no later than at the next regularly scheduled examination, as applicable.

Summarized below are common deficiencies that our Financial and Operations Compliance, Business Conduct Compliance and Trading Conduct Compliance teams noted over the previous examination cycle.  In addition to the key objectives noted above, staff will continue to focus on these issues as part of their regular reviews.

It is important to note that the deficiencies noted below are a compilation of deficiencies encountered across the membership.  These deficiencies have not been found at all firms reviewed and no single firm has received a report containing all or even most of these deficiencies.  In order to assist firms in identifying and addressing these common deficiencies and compliance with IIROC rules generally, IIROC provides relevant and timely guidance notes throughout the course of the year to communicate regulatory expectations, promote compliance and share best practices.   This report refers to some of the relevant guidance notes that are in place, have been published for comment or expected to be published next year.   The complete list of the guidance notes that are available can be found at www.iiroc.ca.  Our goal is to be proactive, to promote sound prudential, business conduct and trading practices.  We encourage firms to contact us if they believe that additional guidance would be helpful or if they have any questions on the guidance that is provided in any particular area. 

  1. Internal controls

Adequate internal controls were not established and maintained in accordance with the internal control policy statements in Rule 2600. For example:

  • The profitability, capital and liquidity test were omitted in the preparation of the weekly capital calculations.
  • There was no evidence of review and approval of the weekly risk adjusted capital (RAC) calculation.
  • There were inadequate controls over the operation of inventory accounts used for accumulation / average pricing of customer trade orders.12
  • Security price verification testing to independent sources was not performed.
  • There were inadequate policies and procedures to identify and manage the occurrence of single customer account securities concentration.13
  • There were inadequate policies and procedures for setting intra-day inventory trading capital limits or monitoring for violations of established limits.
  • There was a lack of audit evidence in the review and approval of bank reconciliations by a designated senior officer.
  • There was a lack of audit evidence in the review of clearing and settlement operational account reconciliations by a designated senior officer.
  • Outstanding unresolved reconciling items were not corrected on a timely basis. Capital provisions otherwise provided on unresolved reconciling balances dated back many months or years without being written off on the income statement.
  • Policy and procedures were not updated to reflect changes in business operations and personnel.
  • There was a lack of audit evidence on the review and approval of internal control policy statements by senior management and/or the board of directors.
  1. Books and records

Deficiencies regarding books and records included the following:

  • Dealers did not evidence their control and access over customer books and records on brokerage accounting systems shared and located on affiliates’ computer servers.
  • Books and records of Dealers were improperly co-mingled with customer accounts of other affiliated legal entities on the same computer system.
  • Private placement bought deals were done without recording the transaction on the firms’ books.14
  • Firms failed to capture and record off-book transactions, such as mutual funds purchased and registered in client name (as opposed to purchased and held in nominee name) or non-brokered private placements.
  • Improper netting of assets and liabilities, as well as revenues and expenses – such as commission / corporate finance revenues against clearing / corporate finance costs.  This is a common deficiency resulting from the transition to IFRS.15
  1. Related party transactions

Some common deficiencies regarding related part transactions include:

  • Failure to execute written cost-sharing (or service) agreements with related party affiliates that identifies services provided and method of fee calculation in order to objectively measure and verify completeness of expenses and accruals.
  • Outstanding related party intercompany balances aged for long periods of time with no terms for repayment or collection.
  • Intercompany reconciliations of related party balances were not performed on a monthly basis.
  • Dealer advances were made on an unsecured basis to related companies that were material in amount to the regulatory capital of the firm. In substance, this is equivalent to removing capital out of the firm without regulatory consent and is prohibited.
  1. Introducer arrangements

Financial and Operations Compliance staff found that some type 4 introducers were not monitoring their free credit limit and segregation requirements. In addition, introducers often placed undue reliance on their carrying brokers’ procedures for price verification of securities in respect of their obligation for independent price verification of their inventory positions. Cheques in the name of the Dealer received from customers of type 2 introducers were not deposited directly into a “deposit only” bank account of the Dealers’ carrying broker.

  1. Underwriting

Margin was not provided commencing on the date of the bid letter/commitment to finance public-private partnership infrastructure deals (i.e. hospital, highways) in accordance with rule 100.5.

In the current year, IIROC is undertaking a review of current practices with respect to Dealer underwriting due diligence to identify gaps and promote best practices and standards, with a view to issuing draft guidance in this area for public comment in early 2013.

  1. Inadequate policies and procedures

Business Conduct Compliance staff continues to see instances where policies and procedures have not been appropriately customized to the firm’s business and risks.  These written policies and procedures must include detailed procedures covering the internal controls, supervision and testing within the firm.  In addition, these procedures should be accessible and understood by the firm’s compliance and supervisory staff and there should be adequate training around these procedures.

  1. Conflicts of interest

Business Conduct Compliance staff noted a number of deficiencies regarding policies and procedures for identifying and managing conflicts of interest.16  Dealers must clearly identify conflicts of interest in their business and ensure that there are adequate controls in these areas and that these conflicts are either mitigated or avoided.  In particular, it is important to consider the conflicts and the necessary disclosure around the sale of products of related or connected issuers or the proprietary products of related entities such as limited partnerships, mutual fund dealers, exempt market dealers and portfolio managers.  It is also important to consider conflicts that are associated with registrants employed by multiple related entities and ensure that these conflicts are weighed and addressed.

In addition, firms must ensure that they know and approve of outside business activities of their registrants to ensure that no conflict of interest is present.  Dealer firms must report all outside business activities (OBA) to the National Registration Database and must carefully consider if any conflicts of interest exist before approving any OBAs.17

  1. Inadequate controls around employee accounts

IIROC staff continues to see instances where Dealers have not adequately supervised the activity within their employee accounts. Supervision of employee account activity needs to be comprehensive and include all transactions.  Controls over the use of external accounts need to be effective and all accounts need to be reviewed against the grey and restricted lists.

There were occurrences of incomplete or no evidence to support cross supervision and monitoring for inappropriate trading activities. There was also a lack of evidence to support daily and monthly reviews, as well as reviews of firms’ supervisory policies and procedures. Dealers must complete and document the evidence of cross supervision and supervisory reviews to ensure effective, timely and independent reviews of all applicable accounts. Daily and monthly reviews must be completed within stipulated timelines and evidence of inquires made, responses received and action taken documented.

  1. Product due diligence

IIROC staff continues to see instances where Dealers have not adequately developed and implemented policies and procedures for product due diligence. Findings included some firms that had not set up a Product Due Diligence Committee.18

  1. Market disruptions

IIROC staff continues to deal with market disruptions resulting from the use of automated trading systems by dealers or their clients.  In many cases the market disruptions are the result of malfunctions or programming errors, which raises questions related to the level of testing these systems are subjected to prior to implementation or following modifications.  However, malfunctions are not the only cause of disruptions caused by automated order systems.  On occasion, where systems initially appear to be working as designed, the absence of risk controls combined with the usage of “Directed Action Orders” have led to excessive price movements, often requiring intervention by IIROC Market Surveillance in the form of trade variations and/or cancellations.  For example, systems that are designed to automatically liquidate positions in an under-margined account must ensure that such orders are not entered in a manner that impairs market integrity. 

IIROC has issued previous guidance and discussed on numerous occasions the risks to market integrity caused by the use of stop loss orders, and has stressed the need for adequate pre-trade controls to limit the impact when multiple stop loss orders are triggered at the same time. Yet the use of stop loss market orders continues to cause market disruptions.

In some cases a single-stock circuit breaker was triggered which served to limit price impact, however IIROC maintains that dealers must adopt pre-trade risk controls to ensure markets remain fair and orderly. Single-stock circuit breakers are not in effect for all listed securities or during all trading hours, and as a result are not guaranteed to prevent disruptive activity.

  1. Failure to provide timely responses to trade inquiries

IIROC staff has found that some Dealers are taking significant amounts of time to respond to requests for information about orders and trades, particularly when the activity is related to clients with direct market access (DMA).  Market Surveillance staff perform real-time monitoring of listed equity trading in Canada, and timely responses to inquiries are essential in order for IIROC to meet its mandate and to enable Market Surveillance staff to intervene when required.  The length of time required to respond also raises concerns about the ability of dealers to adequately supervise clients with electronic access.  As noted above, one area of focus by IIROC staff in the upcoming examination cycle will be compliance with the requirement to adequately supervise clients with electronic access, and have adequate pre- and post-trade risk controls and supervisory systems.

  1. Inadequate controls over primary distribution of debt

In 2010, IIROC conducted a targeted review of primary debt distribution practices.  Despite the feedback provided to those Dealers involved with the review, we continue to find that some are having difficulties in providing evidence of bona fide efforts to distribute new issues to clients prior to allocating a portion of the offering to principal and/or non-client accounts.  Under IIROC Rule 29.3, each Dealer must ensure that new issues are offered to clients and that evidence of that process and the results are sufficiently documented.

  1. Gatekeeper Reports

IIROC monitors the submission of Gatekeeper Reports filed by Participants in compliance with UMIR 10.119 . While IIROC is generally satisfied with the level of reporting by Participants, we continue to encourage a Participant or Access Person to file a Gatekeeper Report in all circumstances if an investigation concludes that a violation of one or more of the integrity rules enumerated in Rule 10.16(1) has or may have occurred.  We also note that some Participants have used the Gatekeeper Report to file complaints. We remind those Participants that they may contact Surveillance directly to file such complaints. 

As part of its current trade compliance review process, IIROC continues to review the policies and procedures adopted by Participants relating to their gatekeeper reporting obligation.  In particular, IIROC staff will review the adequacy of internal policies and procedures related to the detection, investigation and escalation of violations or potential violations of UMIR, as well as the adequacy of policies and procedures relating to the filing of a Gatekeeper Report.

Conclusion

All Dealers must maintain adequate supervisory and compliance testing systems for their activities to ensure compliance with IIROC Dealer Member Rules, Universal Market Integrity Rules and applicable securities laws.  It is mandatory that each Dealer corrects all deficiencies identified in IIROC examination reports in a timely manner.  Repeat Significant Findings may be indicative of an ineffective compliance system or a lack of “tone-from-the-top” compliance culture and will be treated by IIROC staff as a serious matter.

IIROC will continue to be proactive in our regulatory efforts to identify and address risks in order to prevent or mitigate harmful outcomes.  The enhancements that have been made to the compliance programs, the targeted reviews and surveys undertaken, combined with member education and other initiatives, are efforts to raise the bar and build a culture of compliance in the industry.  The effective use of these regulatory tools helps bolster industry standards and confidence in the integrity of Canada’s capital markets. We will continue to provide assistance to Dealers through the designated Manager responsible in each compliance examination unit. The Managers are on-site during the compliance examinations and the Managers as well as senior management in compliance are available throughout the course of the year to discuss any regulatory matters.  Dealers are encouraged to contact us if there are any questions about this Annual Consolidated Compliance Report.

  • 1For further guidance, see also IIROC Rules Notice - Guidance Note 10-0028 issued February 5, 2010 - Requirements and Best Practices for distribution of non-arm’s length investment products
  • 2See IIROC Rules Notice – Guidance Note 12-0108 issued March 26, 2012 – Client Relationship Model and IIROC Rules Notice – Guidance Note 12 – 0209 issued March 26, 2012 – Know your client and suitability
  • 3See Member Regulation Notice MR-0098 issued September 6, 2001: What Constitutes a “Recommendation”? Is a Suitability Determination Required under Regulation 1300.1?
  • 4See IIROC Rules Notice 11-0082 issued February 28, 2011
  • 5See also IIROC Rules Notice – Guidance Note 12-0200 issued June 28, 2012 - Provisions Respecting Electronic Trading
  • 6See IIROC Rules Notice - Guidance Note 12-0236 issued July 27, 2012 - Guidance on Marketplace Disclosure for Trade Confirmations.
  • 7See also IIROC Rules Notice – Guidance Note 12-0300 issued October 11,2012 - Guidance on “Short Sale” and “Short-Marking Exempt” Order Designations
  • 8See IIROC Rules Notice – Guidance Note 11-0080 issued February 25, 2011 – Implementation Date for the Reporting of Extended Failed Trades
  • 9See IIROC Rules Notice - Guidance Note 12-0010 issued January 9, 2012 - Guidance on the Guarantee by a Participant of a Trade Price for a Client Order
  • 10See IIROC Rules Notice - Guidance Note 11-0160 issued May 19, 2011 – Reminder Regarding the Reporting of Trade Variations and Cancellations
  • 11See IIROC Rules Notice – Notice of Approval/Implementation and Guidance Note 09-0363 issued December 21, 2009 – Client Complaint Handling Rule and Guidance Note
  • 12See Member Regulation Notice – MR-0280 issued March 31, 2004 - Average Price Accounts – Margin Requirements
  • 13See Member Regulation Notice – MR-0159 issued September 4, 2002 - Loan Value Granted to Significant Security Positions Held in Member Firm and Customer Accounts
  • 14See Member Regulation Notice – MR-0481 issued July 16, 2007 – Off-Book Transactions
  • 15See IIROC Rules Notice 11-0082 issued February 28, 2011
  • 16See Dealer Member Rule 42 in force as of March 26, 2012.
  • 17See IIROC Rules Notice – Guidance Note 12-0108 issued March 26, 2012 – Client Relationship Model and IIROC Rules Notice, Request for Comments – 11 – 0150 issued May 11, 2011 – Disclosure and approval of outside business activities and Member Regulation Notice – MR-0434 issued November 17, 2006 – Other Business Activities
  • 18See also IIROC Rules Notice – Guidance Note 09-0087 issued March 23, 2009 – Best practices for due diligence
  • 19For further information regarding the obligations pertaining to the filing of Gatekeeper Reports pursuant to  UMIR 10.16, please see RS MIN 2006-007 – Guidance – Gatekeeper Reporting Obligation (February 24, 2006) and RS MIN 2008-011 – Guidance – New Procedures for Gatekeeper Reports (May 16, 2008).