1. Background

1. CSA Access Rule and UMIR Amendments

On July 4, 2013, IIROC published notice of the approval of the Amendments which align UMIR with the requirements set out in the CSA Access Rule and introduce a regulatory framework for third-party electronic access to marketplaces.3   The Amendments confirm that a third-party may only obtain electronic access to marketplaces through a Participant using the mechanisms of:

• direct electronic access (“DEA”) provided by Participants to advisers and other clients (“DEA clients”);
• routing arrangements between investment dealers or foreign dealer equivalents4 and Participants; or
• order execution services presently offered to a range of client account types.

The framework is designed to address areas of concern and risks brought about by electronic access to marketplaces.  Such risks include those relating to: liability; credit; market integrity; sub-delegation; technology or systems; and regulatory arbitrage.

1. UMIR Requirements for Identifiers and Designations

Prior to the Amendments, Rule 6.2 of UMIR required that each order entered on a marketplace contain various identifiers and designations that may be applicable to the order including:

• the identifier of the Participant entering the order on a marketplace (the “Executing Participant”);
• in the case of a jitney order, the identifier of the Participant for or on behalf of whom the order is entered;
• the designation that the order is:
  • a jitney order,
  • a principal or non-client order,
  • an order that will be a short sale or short-marking exempt, and
  • an order from an insider or significant shareholder.

The Amendments expand the identifiers which must be included on an order to add:

• the identifier of the client for or on behalf of whom an order is entered under direct electronic access; and
• the identifier of the investment dealer or foreign dealer equivalent for or on behalf of whom the order is entered under a routing arrangement.

At this time, IIROC is continuing the practice that is currently used for the identification of orders from clients with direct market access such that unique identifiers will be included in the “User ID” field (as designated by the marketplace on which the order is entered) for DEA clients, and for investment dealers and foreign dealers under routing arrangements. 

Reference should be made to the text of Rule 6.2 for a listing of all of the required identifiers and designations to be attached to an order entered on a marketplace.

1. Origination and Routing of Orders for Execution and Use of Identifiers

Only a Participant that is a member, user or subscriber may provide third-party access to a marketplace through:

• DEA to DEA clients; or
• a routing arrangement with other Participants, investment dealers or foreign dealer equivalents. 

A client order, principal order or non-client order may originate with a dealer that is either a Participant (an “Originating Participant”) or with an investment dealer or foreign dealer equivalent that is not a Participant for the purposes of UMIR (an “Originating Dealer”).  The order may be routed to another dealer to act as intermediary (a “Participant Intermediary” if the other dealer is a Participant for the purposes of UMIR or otherwise a “Dealer Intermediary”) in on-routing the order to an Executing Participant.  

With the Amendments, an order will be able to carry up to three separate identifiers. Each of the Executing Participant and any Originating Participant or Participant Intermediary has an obligation to ensure that all applicable designations and identifiers are included on the entry of an order on a marketplace.  With respect to identifiers: 

• the Broker ID Field must always contain the identifier of the Executing Participant;
• the Jitney ID Field must contain the identifier of the first Participant involved in the routing of the order if an Originating Participant or a Participant Intermediary is involved in the routing of the order and the order must be marked “jitney”; and
• the User ID Field must contain:
  • the identifier of the DEA client if a client enters an order using DEA provided by a Participant, or
  • if no DEA client is involved, the identifier of the first Participant, investment dealer or foreign dealer equivalent that receives access under a routing arrangement with a Participant (regardless if there are other intermediaries in the chain) and is using the routing arrangement in the transmission of the order.

Any Participant handling the orders at any stage in the transmission to a marketplace must take reasonable steps to ensure that the orders comply with all applicable Requirements, including the marking of each order with designation and identifiers as required by Rule 6.2.

The following table sets out the identifiers which should be attached to an order based on a number of order routing and transmission scenarios.  The table includes situations where there would be no change in the current order marking practices but these are provided in order to better illustrate the changes that are introduced by the Amendments.  For the purposes of this table, “intermediated” means the provision of an order by a means other than third-party electronic access through:

• direct electronic access;
• a routing arrangement; or
• an order execution service account.

Note 1:  If Participant A received the order through a routing arrangement with an investment dealer or foreign dealer equivalent, the User ID Field would contain the identifier of the investment dealer or foreign dealer equivalent rather than the identifier of Participant A.  If Participant A received the order from a client through DEA, the User ID Field would contain the identifier of the DEA client rather than the identifier of Participant A.

1. Responsibility for Ensuring Proper Order Marking

An order must contain all designations required under Rule 6.2 that are relevant to the order (e.g. non-client, insider, short sale, short-marking exempt, etc.). Rule 6.2 is applicable in the same manner whether orders are transmitted via third-party electronic access or are intermediated by a Participant. The Originating Participant has the same obligations regarding client knowledge that it would have if it entered the order directly onto the marketplace and must therefore provide any intermediary or the Executing Participant with all required designations and identifiers.

If an Executing Participant receives an order directly from an Originating Dealer or from a Dealer Intermediary that is acting on behalf of an Originating Dealer that order will not be considered a “jitney order” for the purposes of UMIR.  In these circumstances, the Executing Participant is responsible for ensuring that its identifier and all designations relevant to the order as required under Rule 6.2 of UMIR are included on the entry of the order to a marketplace.

An Originating Participant that uses a Dealer Intermediary for routing orders to an Executing Participant must ensure that the Dealer Intermediary is able to receive and to pass on to the Executing Participant all required identifiers and designations on an order.  Similarly, a Participant Intermediary or Executing Participant must ensure that a Dealer Intermediary or Originating Dealer has adequate policies and procedures in place to assure that orders routed to the Executing Participant contain all of the designations and identifiers that are required by Rule 6.2 of UMIR.

If a Participant has provided DEA to a client or enters into a routing arrangement with an investment dealer or foreign dealer equivalent, the Participant must have established standards that require the client, investment dealer or foreign dealer equivalent to have reasonable knowledge of and the ability to comply with all applicable Requirements.  On an on-going basis, the Participant would be expected to supervise the entry of orders on a marketplace and to undertake compliance testing (including testing of compliance with order marking requirements).  The Participant is expected to review and confirm at least annually that the client is in compliance with standards established by the Participant.

1. Questions and Answers

The following is a list of questions regarding the supervision and compliance obligations of a Participant or Access Person under the Amendments and IIROC’s response to each question:

1. May a Participant in a routing arrangement authorize ANY investment dealer with an “ultimate client” that originates the orders to perform on behalf of the Participant the setting or adjustment of a risk management or supervisory control, policy or procedure?
    

   

   
   No.  A Participant may only authorize an investment dealer that is a party to a routing arrangement with the Participant to perform on behalf of the Participant the setting or adjustment of a risk management or supervisory control, policy or procedure.  The routing arrangement is subject to minimum standards, a written agreement and regulatory oversight under UMIR. 
   
   Market Regulation Policy staff may consider requests for exemptions related to the authorization of an investment dealer to perform on behalf of the Participant the setting or adjusting of a risk management or supervisory control, policy or procedure in certain circumstances if it is demonstrated that each dealer in the chain of order transmission has reasonable controls so as to manage their individual risks and comply with the requirements under UMIR and National Instrument 23-103.

2. Are Exempt Market Dealers permitted electronic access to marketplaces?
   
   No.  Registered dealers such as Exempt Market Dealers (“EMDs”) may not gain electronic access to a marketplace through a Participant under a routing arrangement or direct electronic access.  These restrictions are intended to prevent regulatory arbitrage with respect to trading and encourage registered dealers wishing to have direct access to a marketplace to become a member of IIROC (and be subject to the Dealer Member Rules and, in certain cases, UMIR). 
   
   In the event a foreign dealer equivalent is also registered as an EMD, the foreign dealer equivalent would be eligible to be granted DEA for its proprietary trading and may enter into a routing arrangement with respect to its agency order flow, but would not be eligible for direct access to a marketplace when acting in its capacity as an EMD for Canadian clients.

3. Is “naked access” permitted under DEA or a routing arrangement?
   
   No.  While a Participant may, in limited circumstances, authorize an investment dealer that is a party to a routing arrangement with the Participant to perform on behalf of the Participant the setting or adjustment of a risk management or supervisory control, policy or procedure,5 this is precluded in the case of an investment dealer or related entity engaged in proprietary trading. 
   
   In addition, notwithstanding that a Participant may have authorized an investment dealer to set or adjust the specific risk management or supervisory controls, policies or procedures in respect of client orders from that investment dealer, under Rule 7.13(4)(b), orders transmitted through a routing arrangement as well as using direct electronic access cannot “bypass” a Participant’s risk management and supervisory controls, policies and procedures.  However, this does not impact the ability of a client, investment dealer or foreign dealer equivalent, to transmit orders containing the identifier of the Participant directly to a marketplace without being electronically transmitted through the “systems” of the Participant and instead be transmitted through the technology systems of a service provider retained by the Participant for facilitating access to a marketplace.

4. Does the form of electronic access to marketplaces impact whether a Participant should apply the “short-marking exempt” designation to purchases and sales in an account?
   
   No.  The characteristics of the account activity govern whether the short-marking exempt designation should apply, not the means of electronically accessing the marketplace.6  In particular, UMIR defines a “short-marking exempt order” (“SME order”) as including an order for the purchase or sale of a security from an account that is an arbitrage account.  Whether an arbitrage account is held by an order execution services client, a DEA client or an investment dealer in a routing arrangement, the arbitrage account would qualify for the SME order designation.  Accounts which use automated order generation and entry and which are generally “directionally neutral” in their trading activity will also have SME order. 
   
   A Participant that provides electronic access to a marketplace must ensure that orders entered through any form of such arrangements are correctly designated.  IIROC expects the Participant to review the designation of orders by clients with SME order designations as part of the Participant’s supervisory procedures required by Rule 7.1 and Policy 7.1 of UMIR.

5. Are the standards to be established by a Participant for granting direct electronic access to a client or entering a routing arrangement with an investment dealer or foreign dealer equivalent the same for each DEA client and for each investment dealer or foreign dealer equivalent?
   
   No.  While the general standards that must be established by the Participant in granting access to a marketplace via routing arrangements and direct electronic access are provided for in Rule 7.13, their application must be appropriate for the type, level of risk and sophistication of trading that would be undertaken by the DEA client or by the investment dealer or foreign dealer equivalent that the Participant would grant access to.  As the provider of electronic access to marketplaces, the Participant’s role in undertaking due diligence with respect to its clients is a key method of managing risks associated with electronic access to marketplaces and necessitates a thorough vetting of potential DEA clients and parties to routing arrangements. This process is accordingly integral to the preservation of market integrity, which can only be accomplished if the standards are meaningfully set by Participants.
   
   A Participant should assess and determine what additional standards are reasonable given the particular circumstances of the Participant and each client, investment dealer or foreign dealer equivalent.  This includes an evaluation of the suitability of the form of access that should be provided to any client.  In the case of a Retail Customer considered for direct electronic access, IIROC expects such would only be provided in exceptional circumstances upon application of more stringent standards than to an Institutional Customer.  Additional factors a Participant may consider when setting such standards for prospective DEA clients, investment dealers and foreign dealer equivalents include prior sanctions for improper trading activity, evidence of a proven track record of responsible trading, knowledge and proficiency regarding use of an automated order system, knowledge of trading rules, supervisory oversight, the proposed trading strategy and associated volumes of trading.

6. What level of knowledge must a DEA client have before being provided DEA by a Participant?
   
   A Participant’s standards must require a DEA client to have reasonable knowledge of and the ability to comply with all applicable Requirements; and the Participant must provide its DEA client with relevant changes or amendments to the applicable Requirements and standards established by the Participant as they are introduced.
   
   In addition, a Participant must assess each DEA client’s knowledge and determine what, if any, training is reasonably required in the particular circumstances.  The training must at a minimum enable the DEA client to understand the applicable marketplace and regulatory requirements and how trading on the marketplace system occurs.  It may be appropriate for the Participant to require that the client have the same training and proficiency required of registrants.
   
   After DEA has been granted, an assessment of the DEA client’s knowledge of applicable marketplace and regulatory requirements would be considered necessary if significant changes to these Requirements are made or if the Participant detects unusual trading activity by the DEA client.  If the Participant finds the DEA client’s knowledge to be deficient after such an assessment, the Participant may require additional training for the DEA client.

7. Should a Participant employ the same compliance and supervision standards to monitor trading conducted by order execution clients as with other forms of electronic access to marketplaces?
   
   Yes.  A Participant is expected to comply with the trading supervision obligations set out in Rule 7.1 and Policy 7.1 with respect to all forms of electronic access to marketplaces, which emphasize the higher risks attendant with trading which does not involve a Participant’s staff directly.  It is important to note, however, that these risks may be heightened for trading by order execution clients as, in distinction to DEA and routing arrangements, a client seeking to open an order execution service account would not be subject to a similar “screening” process and would not be provided training.  There may be a disparity in knowledge of trading rules and obligations causing a higher proportion of unintentional offending orders or a greater degree of unscrupulous trading by sophisticated clients given the relative “anonymity” afforded in the order execution service.7
   
   In order to mitigate some of these risks, the Dealer Member Rules provide that an order execution client must not employ an automated order system that is not provided by the order execution service and provide IIROC with the authority to set, from time to time, a threshold on the number of orders that may be manually sent by order execution clients.

8. Are there any new “gatekeeper obligations” in regard to trading activities of:  a DEA client; investment dealer or foreign dealer equivalent in a routing arrangement; and order execution service client?
   
   Yes.  Policy 7.1 provides for trading supervision obligations with regard to all forms of electronic access to a marketplace and requires the monitoring of all orders entered by the party provided with electronic access to a marketplace for UMIR violations such as “manipulative and deceptive” trading activities and “improper orders and trades”.  However, the scope of supervision is expanded to include potential breaches of any standard set by a Participant or term of a written agreement, unauthorized trading or improper use of an automated order system, associated with the grant of electronic access to a marketplace.
   
   Rule 10.16 already requires a Participant or Access Person to conduct further investigation or review where the Participant or Access Person has reason to believe that there may have been a violation of UMIR.8 A Participant or Access Person cannot ignore “red flags” which may be indicative of improper behaviour by a client, director, officer, partner or employee of the Participant, Access Person or related entity.  
   
   A Participant that has provided third-party electronic access must, as part of its gatekeeper responsibilities, report to IIROC:

   • any termination by the Participant of access to a marketplace; and

   • knowledge of, or a reason to believe that any person who has been granted access has materially breached:

     • a Marketplace Rule,
     • a term of the agreement governing third-party access, or
     • a standard established by the Participant governing third-party access.

9. Can a Participant use the same compliance sampling and testing standards to monitor trading conducted by persons with third-party electronic access as it does for other trading activity?   
   
   Under Policy 7.1 of UMIR, if an order is entered on a marketplace without the involvement of a trader, a Participant’s supervision policies and procedures should adequately address the additional risk exposure which the Participant may have for orders that are not directly handled by staff of the Participant.  To the extent that a Participant does not conduct separate testing of trading by persons with third-party electronic access to marketplaces, it may be appropriate for a Participant to sample for compliance testing a higher percentage of orders entered by these persons that have not been handled by staff of the Participant (i.e. orders that were not “flagged” through an automated compliance system or otherwise handled by staff of the Participant) than the percentage of orders sampled in other circumstances.  Participants should consider using an automated compliance system for post-trade review and analysis of orders that have been generated by an automated order system.

10. Are there any particular “risks” that need to be addressed in compliance procedures for trading by persons with third-party electronic access?
    
    Part 3 of Policy 7.1 under UMIR sets out the minimum compliance procedures for trading on a marketplace.  However, Policy 7.1 also stipulates that the compliance procedures must be appropriate for the lines of business conducted by a Participant.  Given that orders entered by a person with third-party electronic access will be subject to pre-entry filtering as set out in Part 7 of Policy 7.1 but, in most circumstances, will be subject to limited supervision prior to being sent to the order routing system of the Participant, the compliance procedures for persons with third-party electronic access should, at a minimum, address the procedures for testing:

    • markers and identifiers as required by Rule 6.2 of UMIR, and in particular:

      • the “short sale” or “short-marking exempt” markers, and 
      • the insider or significant shareholder order markers;
    • orders that have been entered for “spoofing” contrary to Rule 2.2 of UMIR (such as the entry of an order or orders which are not intended to be executed and are entered for the purpose of determining the depth of the market, checking for the presence of an “iceberg” order, affecting a calculated opening price or other similar improper purpose);
    • orders that have been entered on a marketplace and trades that have executed for the creation of an “artificial price” contrary to Rule 2.2 of UMIR;
    • orders that have been entered on one or more marketplaces with the intention of “quote stuffing” (intentionally submitting a high volume of orders or messages for the purpose of interfering with the timely execution of trades or dissemination of order and trade data) contrary to Rule 2.2 of UMIR;
    • orders that have been entered which seek to abuse the minimum guaranteed fill facility of a person with Marketplace Trading Obligations;
    • orders that have been entered at unreasonable prices;
    • “wash trading” (particularly if the person with third-party electronic access has more than one account with the Participant); and
    • trades for failure to deliver or settle.

As required by Rule 7.1, any special compliance procedures employed for trading by persons with third-party electronic access to a marketplace must be in writing and must contain detailed guidance on how testing of orders and trades is to be conducted.

Part 5 of Policy 7.1 requires that the procedures adopted by a Participant address the steps to be taken to monitor the trading activity of any person who has multiple accounts with the Participant including other accounts in which the person has an interest or over which the person has direction or control.

11. What are the obligations if a client sends orders directly to a smart order router offered by the Participant?
    
    If a client has direct access to a smart order router offered by the Participant (such that an order from the client does not pass through the systems of the Participant), the client will be considered to have received “direct electronic access” from the Participant and would be subject to the requirements of Rule 7.13 of UMIR.  In this case, the identifier assigned to a direct electronic access client will be in the “User ID” field. 
    
    However, it should also be noted that in accordance with the requirements of National Instrument 23-103 Electronic Trading Rule and Direct Electronic Access to Marketplaces and Part 7 of Policy 7.1 of UMIR, each order must be subject to examination prior to entry on a marketplace by automated controls to prevent the entry of an order which would result in:

    • the Participant exceeding pre-determined credit or capital thresholds;

    • a client of the Participant exceeding pre-determined credit or other limits assigned by the Participant to that client; or

    • the Participant or client of the Participant exceeding pre-determined limits on the value or volume of unexecuted orders for a particular security or class of securities.

As such, any order entered to a smart order router must be subject to the automated controls of the Participant before the smart order router transmits the order to a marketplace.

12. What are the obligations if a client sends orders directly to an algorithm (such as a “VWAP algo”) offered by the Participant?
    
    If a client sends orders directly to an algorithm offered by the Participant, the Participant is intermediating the client’s order flow as the Participant provides input into the programming and management of the algorithm.  The provisions respecting DEA and routing arrangements are accordingly not applicable to the entry of orders on a marketplace that are intermediated by the Participant through the algorithm it offers to the client. However, it should also be similarly noted that in accordance with the requirements of National Instrument 23-103 Electronic Trading and Direct Electronic Trading Access to Marketplaces and Part 7 of Policy 7.1 of UMIR, each order must be subject to examination prior to entry on a marketplace by automated controls to prevent the entry of an order which would result in:

    • the Participant exceeding pre-determined credit or capital thresholds;

    • a client of the Participant exceeding pre-determined credit or other limits assigned by the Participant to that client; or

    • the Participant or client of the Participant exceeding pre-determined limits on the value or volume of unexecuted orders for a particular security or class of securities.

1. Impact on Existing Guidance

This Rules Notice repeals and replaces, effective March 1, 2014, the guidance set out in:

• Market Integrity Notice 2005-003 – Guidance – Marking Jitney Orders (March 4, 2005);
• Market Integrity Notice 2005-006 – Guidance - Obligations of an “Access Person” and Supervision of Persons with “Direct Access” (March 4, 2005);
• Market Integrity Notice 2007-004  - Guidance – Marking Orders Received from Other Dealers (February 28, 2007); and
• Market Integrity Notice 2007-010 – Guidance - Compliance Requirements for Dealer Sponsored Access (April 20, 2007).

• 3See IIROC Notice 13-0184, op. cit.
• 4The Amendments define a “foreign dealer equivalent” as “a person in the business of trading securities in a foreign jurisdiction in a manner analogous to an investment dealer and that is subject to the regulatory jurisdiction of a signatory to the International Organization of Securities Commissions’ Multilateral Memorandum of Understanding in that foreign jurisdiction”.
• 5See Rule 7.1(8) in IIROC Notice 12-0363 – Rules Notice – Notice of Approval – UMIR – Provisions Respecting Electronic Trading (December 7, 2012).
• 6See IIROC Notice 12-0078 - Provisions Respecting Regulation of Short Sales and Failed Trades (March 2, 2012) and IIROC Notice 12-0079 - Proposed Guidance on “Short Sale” and “Short-Marking Exempt” Order Designations (March 2, 2012).
• 7Please refer to Market Integrity Notice 2007-011 – Guidance - Compliance Requirements for Order Execution Services (April 20, 2007).
• 8See also IIROC Notice 13-0053 - Guidance on Certain Manipulative and Deceptive Trading Practices (February 14, 2013), which provides guidance on manipulative and deceptive activities, particularly trading strategies using automated order systems or direct electronic access.