IIROC is publishing guidance on subsection 3703(1) and clause 3703(2)(vii) of IIROC Rules (Cybersecurity Incident Reporting Requirements). The guidance outlines IIROC’s requirements related to the Cybersecurity Incident Reporting Requirements and also provides guidance to Dealer Members on how to demonstrate compliance with IIROC requirements.
The guidance will be effective immediately and replaces GN-3700-21-005 - Frequently Asked Questions – Mandatory Cybersecurity Incident Reporting.
Appendices
Appendix A – GN-3700-22-001 Compliance with IIROC’s Cybersecurity Incident Reporting Requirements
Welcome to CIRO.ca!
We have a new look! You can find the Canadian Investment Regulatory Organization (CIRO) at CIRO.ca with our fresh look and feel.
You can now find new publications published by CIRO since January 1, 2023 on CIRO.ca. If you are looking for past notices or bulletins published by MFDA or IIROC, you can find those on our legacy websites. Enforcement related content will continue on those websites as well.
You can now find previous Annual Reports and Enforcement Reports on CIRO.ca, along with Halts and Resumption, and our ePublications sign up (for all previous MFDA and IIROC subscriber lists).
We will continue moving items off MFDA and IIROC in 2023/2024. Stay tuned for future updates.