IIROC Compliance Priorities Report for 2021/2022: Helping Firms with Compliance

22-0035
Type: Administrative Notice> General
Rule connection:
IIROC Rules
UMIR
Distribute internally to:
Corporate Finance
Institutional
Internal Audit
Legal and Compliance
Operations
Registration
Regulatory Accounting
Research
Retail
Senior Management
Trading Desk
Training

Contact:

Irene Winel
SVP, Member Regulation and Strategy
Telephone:
Email:
Victoria Pinnington
SVP, Market Regulation
Telephone:
Email:
Elsa Renzella
SVP, Enforcement, Registration and Enterprise Risk
Telephone:
Email:
Jennifer Armstrong
General Counsel and Corporate Secretary
Telephone:
Email:

Executive Summary

We are pleased to present IIROC’s annual Compliance Priorities Report: Helping Firms with Compliance for 2021/2022.

The COVID-19 pandemic continues to present challenges that require swift, decisive guidance and actions from the investment industry to better protect investors in Canada. This year’s report outlines IIROC’s ongoing efforts and response to the impacts of the pandemic, our preliminary thinking as we prepare to return to the office, our upcoming policy initiatives and initiatives that support transformation and innovation in the industry – all in the context of the ongoing consolidation of IIROC and the Mutual Fund Dealers Association of Canada scheduled to close December 31, 2022.

This report also summarizes current issues and challenges that IIROC-regulated investment firms should focus on to improve investor protection and foster market integrity.

Together with our supplemental materials, regular contact with firms, annual compliance conferences and other forums, this report helps firms focus their supervision and risk-management efforts to comply with our regulatory requirements in a way that is appropriate for their unique business models.

SRO Consolidation

In August 2021, the Canadian Securities Administrators (CSA) published CSA Position Paper 25-404 on the evolution of the self-regulatory organization (SRO) framework. Phase 1 of their proposal recommended the integration of IIROC and the Mutual Fund Dealers Association of Canada (MFDA)1 .

On November 18, 2021, the CSA announced some important milestones towards the establishment of the new integrated SRO which is expected to be completed by the end of 2022. Under the leadership of the CSA and with the assistance of Deloitte, who has been engaged as joint integration manager, IIROC and the MFDA have started planning the integration and are working towards the timeline established by the CSA. We look forward to working with the CSA and the MFDA to achieve our goal of making the new SRO more efficient, effective and one that ultimately leads to better outcomes for Canadians and for the investment industry.

Continued Pandemic (COVID-19) response and Planning for Return to Normal

In their on-going response to the COVID-19 pandemic, many financial services firms and regulators continued to work remotely. This includes IIROC who continued to work on a fully remote basis in all regions across the country while maintaining continuous, rigorous oversight of Canada’s capital markets. Despite the challenges, IIROC-regulated firms continued to effectively manage day-to-day operations. IIROC continues to engage with member firms and demonstrate flexibility to help navigate through this challenging time while maintaining our focus on investor protection and market integrity.

While we continue to operate remotely, we have begun to discuss what the transition to a post pandemic state will look like and some of the new opportunities that this may bring. We have learned a lot through engaging with Dealers on a fully virtual basis and have seen how significant portions of our examinations can effectively and efficiently be conducted remotely. Recognizing that there is still a benefit to be obtained from some degree of in-person and on-site work with our Dealers, we are considering the extent to which portions of our examinations can be conducted remotely, reducing the amount of time our examination teams spend on-site at Dealer premises.

Status of Covid-19 Related Exemptions

On March 31, 2020, IIROC published Rules Notice 20-0063 COVID-19 Related Exemptions from IIROC Rules. The Notice outlines the authority delegated to staff by the IIROC Board to provide exemptive relief in several areas, including the following:

  • Client document approvals
  • Timelines for reporting obligations – relief from filing
  • Form 1 audit procedures
  • Pre-approval requirements (pre-trade approvals and approval of advertising and sales literature)
  • Supervision requirements (daily and monthly trade reviews, branch-office reviews)
  • Suspension of late filing fees
  • Margin related matters
  • Registration and proficiency
  • Identity verification thresholds conformance to federal anti-money laundering legislation.

Initially, exemptions were granted for a period of six months. The IIROC Board subsequently authorized staff to extend exemptions, where warranted. All exemptions granted under the authority delegated by the Board are currently set to expire on March 31, 2022. Dealers who received exemptions under this staff authority should ensure that appropriate steps are taken to accommodate the expiry of these exemptions. IIROC will continue to evaluate its rules to identify cases where permanent changes may be warranted.

Highlights – IIROC Initiatives

Crypto Asset Trading Platforms

On March 29, 2021 we published Joint CSA/IIROC Staff Notice 21-329 - Guidance for Crypto Asset Trading Platforms - Compliance with Regulatory Requirements to provide guidance on how securities legislation and IIROC requirements apply to crypto asset trading platforms (CTP) and how regulators may tailor the requirements, so they are appropriate to a CTP’s business model. Our approach is to ensure there is a balance between being flexible to foster innovation in the Canadian capital markets and meeting our regulatory mandate of promoting investor protection and fair and efficient capital markets. On August 13, 2021, IIROC granted certain exemptions that allowed a current firm to transact in crypto assets under specified terms and conditions. We will continue to work with the CSA to further refine our regulatory approach and develop compliance programs to ensure that all firms transacting in crypto assets do so with appropriate regulatory oversight.

Plain Language Rules Implementation

On December 31, 2021, the Plain Language Rulebook (IIROC Rules) came into effect. In addition to streamlining the existing IIROC Dealer Member Rules and sequencing them in a more logical fashion, the new rules also introduce some significant enhancements and amendments. Tables of Concordance for the rules and guidance notes are available on the IIROC website. We also provide a series of webcasts that give an overview of each of the IIROC Rules Series. Firms are encouraged to use these resources to assist with the transition.

Client Focused Reforms

In August 2021, IIROC published final amendments to the IIROC Rules required under the Client Focused Reforms (CFR). These rule amendments, along with Product Due Diligence and Know Your Product guidance, were published under IIROC Rules Notice 21-0148. The CFRs are a set of amendments designed to better align the interests of registrants, both firms and individuals, with the interests of their clients, improve outcomes for clients, and make clearer to clients the nature and the terms of their relationship with registrants. The first phase of the CFR rule amendments, which came into effect on June 30, 2021, focuses on enhanced standards pertaining to Conflict of Interest (COI) management. The second phase, which came into effect on December 31, 2021, includes enhanced standards with respect to Product Due Diligence and Know Your Product, Know Your Client, Suitability, Relationship Disclosure and Misleading Communications. In December 2021, IIROC published Guidance Note 3400-21-004, which is intended to assist Dealer Members in understanding and complying with IIROC’s Know Your Client and Suitability determination requirements for retail clients.

New Membership In-take Team

In January 2022 IIROC launched a new Membership Intake team. Headquartered in Vancouver, this dedicated team operates on a national basis with representation and expertise from across Canada. This team will serve to develop and maintain effective and efficient processes for membership applications and the review of business changes filed by our Dealers. The creation of this team supports consistency relative to the new membership application process and our review of Dealer business changes.

Compliance Modernization Group (CMG)

As part of IIROC’s fiscal year 2022 priorities to support industry transformation and modernize IIROC rules and approach to regulation, we established a new team – CMG - to explore ways to streamline processes across our compliance teams to create efficiencies for both IIROC and the firms we regulate. These initiatives include:

  • Harmonization of Examination Processes - Certain processes between the three compliance groups were aligned, eliminating areas of duplication and creating efficiencies. CMG continues to assess compliance tools and processes to identify additional opportunities to streamline the programs.
  • Introduction of the Annual Risk Questionnaire - On October 15, 2021, the “Rotational Reviews” and “Selective Review Examinations” previously conducted by Business Conduct Compliance, Financial and Operations Compliance and Trading Conduct Compliance, were replaced by one electronic Annual Risk Questionnaire (ARQ). The ARQ is not an additional process but rather it is intended to replace and streamline our current processes. The information collected from the ARQ will be used as part of our regular examination planning process and provide input to our annual risk assessments of our Dealer Members.
  • Changes to the Timing of the Annual Risk Assessment Process and Issuance of the RTR - We have moved up the timing of our official assessment of Dealer Member risk from “as of March 31” to “as of December 31”. This timing will lead to earlier completion of our risk assessments and enable us to provide the risk trend reports to firms earlier in the calendar year.
  • Annual CEO Certification of Business Continuity Plans - An electronic certification process was introduced on December 1, 2021. The questions that CEOs will be required to respond to are the same as those asked in previous years but rather than submitting a PDF of a signed certificate, the process is now electronic and more efficient.
  • Post Examination Surveys - Post examination surveys were converted into an electronic format. The function is now centralized and managed by CMG.
  • 1In Phase 2 of the proposal, the CSA intends to initiate a formal consultation process to consider incorporating other registration categories (e.g., PMs, EMDs, SPDs) into the new SRO.
Table of contents
  1. Financial and Operations Compliance (FinOps)

  1. Cybersecurity risk

Cybersecurity remains a key business risk for firms regardless of size and complexity. Each firm needs to have appropriate controls in place to safeguard client and personal information and assets, as well as its own critical systems and applications.

During regularly scheduled FinOps examinations, we look at how:

  • firms demonstrate compliance with the cybersecurity incident reporting requirements2 , and
  • cybersecurity risk is managed,

and we incorporate our assessment into the FinOps risk score for the firm.

There has been an increase in findings and recommendations made to firms for being unable to sufficiently demonstrate compliance with IIROC’s cybersecurity incident reporting requirements. As a result, we issued IIROC Guidance Note GN-3700-22-001 to provide additional guidance to firms.

We also continue to review cybersecurity incidents reported by firms.

We remain committed to supporting the industry with education on cybersecurity risk. We issued several communications to firms over the last year alerting them to various cybersecurity threats and vulnerabilities.

Given the success of the first two cybersecurity self-assessment surveys conducted by IIROC and the importance of regular self-assessments to ensure effective management of cyber risk, we have engaged Deloitte to create cybersecurity self-assessment checklists for firms. Firms can use the checklist to assess their own cybersecurity preparedness and identify areas for improvements. While the use of the tool will be voluntary, we strongly recommend that all firms conduct a cybersecurity self-assessment at least once every two years to assess their posture and maturity and identify any critical gaps.

As we continue to monitor the effects of the pandemic and the restrictions that come with it, we are postponing our cybersecurity table-top exercise for small and medium-sized firms, which was initially planned for the summer of 2020, to tentatively in 2022.

  1. Proposal to modernize back-office arrangements and subordinated debt financing

In July 2021, we announced a proposal to review whether our rules and requirements related to back-office arrangements and subordinated debt financing need to be modernized. The objectives of any recommendations will be to ensure that investors are protected, rules are proportionate to the risk of the activity, and unnecessary regulatory burden is eliminated.

We created two industry working groups to discuss issues pertinent to these areas and commenced discussions in August. Both working groups are raising a number of issues and providing helpful feedback and suggestions to IIROC. We intend to publish the outcomes of these discussions along with a plan to address the key issues identified.

  1. Technology Risk

On March 31, 2021, we published a guide, Fundamentals of Risk Management, to help firms manage the critical risks of technology adoption, use and change. The guide covers key risks and controls, and the importance of good governance.

We have incorporated how firms rely on technology and manage the associated risks into the FinOps risk model. We are also enhancing our examination procedures to ensure that firms have designed and implemented controls to monitor their systems and applications for compliance with the relevant regulatory requirements.

As part of the review of technology risk, we intend to review supply chain risks and systemically important vendors to the industry with a view to considering ways in which to identify, assess and manage these risks.

  1. Trading Conduct Compliance (TCC)

  1. Client Identifiers

Amendments regarding client identifiers came into effect on July 26, 2021. With these amendments, each order for a listed security must include, among other things, a client identifier. Through our Trading Conduct Compliance program, we will be reviewing firm compliance with the new requirements and assisting firms with any outstanding implementation issues they may be experiencing. In addition, Dealers who are encountering challenges with the new requirements are encouraged to contact us for assistance.

  1. Short Selling and Failed Trades

All short sale orders entered on a marketplace must include the short sale marker and the firm must have reasonable expectations that sufficient securities are available to settle any subsequent execution. This may include confirmation that shares are available to borrow if required.

Participants must have policies and procedures in place to monitor this activity and to implement further restrictions on further short selling activity as required under UMIR 6.1 (6).

  1. Supervision of Trading

All Participants are required to develop and maintain a supervision system that considers and addresses the risks associated with their business model. As this will vary by Participant, we expect that each will conduct and document an internal assessment to identify all risks and to identify the risks that are most significant to the firm. While it is important to note that lower risks should still be considered and not entirely ignored, Participants should ensure that their supervision system reflects its internal assessment and focuses on the areas of greatest concern. This assists Participants to be more effective and efficient by concentrating their supervisory efforts and resources on higher risk areas.

  1. Delegation of Tasks

In some instances, Participants have delegated supervisory controls or tasks to a third party or an affiliate. While this is permitted under UMIR, it is important to recognize that such delegation must be formally documented with as much detail as possible to ensure sufficient clarity including the specific tasks or controls performed and by whom. Regardless of the delegation of certain tasks or controls, the Participant retains all regulatory responsibility to ensure that all trading related activity that it has initiated is sufficiently monitored and supervised.

  1. Business Conduct Compliance (BCC)

  1. Client Focused Reforms (CFR) - Conflict of Interest Sweep

As mentioned in the Highlights section, with the CFR conflict of interest requirements (COI) that came into effect on June 30, 2021, IIROC, along with the CSA and the MFDA, is conducting a detailed review to assess the extent of Dealer compliance with the new COI requirements. The objective of the review is to determine if firms have met the spirit of the new COI rules and have implemented controls to address material conflicts in the best interest of clients, rather than continuing to default to disclosure which is not sufficient and must be used in conjunction with other controls. As a first step, the IIROC Annual Risk Questionnaire included high level questions regarding the implementation of the new COI provisions by Dealers. This information will be used to further refine and enhance BCC exam processes pertaining to Dealer management of conflicts of interest.

In addition to preparing for the post-implementation review of COI compliance, BCC has also enhanced internal test processes for the remaining CFR provisions that came into effect on December 31, 2021. These provisions involve enhancements to Relationship Disclosure, KYC, Suitability, Product Due Diligence, Know Your Product and Misleading Communications. A second phase of the post-implementation review, building upon insights from the first phase, will focus on KYC and Suitability compliance.

  1. CFR – Misleading Communications & Titles

As noted above, the CFR amendments that came into effect on December 31st include new rules regarding misleading communications.

Section 1 of IIROC rule 3640(1) states that “An Approved Person must not hold themselves out […] in a manner that could reasonably be expected to mislead or deceive any person”, regarding “(i) the proficiency, experience, qualifications or category of registration or approval of the Approved Person”, or “(ii) the nature of the person’s relationship, or potential relationship, with the Dealer Member or the Approved Person”.

Further, section (2) of rule 3640 indicates that an Approved Person who interacts with clients must not use “a corporate officer title unless their Dealer Member has appointed that Approved Person to that corporate office pursuant to applicable corporate law”.

Taken together these requirements make it clear that simply granting a corporate title (typically done under a board resolution) without defined and substantive corporate responsibilities to certain individuals will not be acceptable. We believe appointments of this kind are inconsistent with the rule as the use of these titles could reasonably be expected to deceive or mislead the retail public as to the nature of the Approved Person’s relationship with the Dealer Member.

When reviewing the corporate titles used by Approved Persons, BCC exams will pay particular attention to the substance and nature of the relationship between an Approved Person and the Dealer Member where an Approved Person uses a corporate officer title in his or her dealings with clients. For example, BCC exams will assess whether the Approved Person performs the functions and has been granted the responsibility and powers typically associated with a corporate officer role, including, for example whether the Approved Person:

  • has been delegated the authority to act independently on behalf of the Dealer Member in a manner that is significantly different than an Approved Person who has not been granted a corporate officer title;
  • has the ability to bind the Dealer Member in ways that are more significant than those that flow from the registerable activities conducted by the Approved Person or Approved Persons who have not been granted a corporate officer title;
  • is part of the “mind and management” of the Dealer Member, for example:
    • is responsible for making significant decisions on behalf of the Dealer Member;
    • is responsible for the overall direction and control of the Dealer Member’s operations or financial affairs.
  1. Plain Language Rules Implementation

BCC has updated its exam program to review Dealer Member compliance with the IIROC Rules. The IIROC Rules now include a requirement for Dealers to ensure that any advice given by an Associate Portfolio Manager (APM) has first been pre-approved by a supervising Portfolio Manager (PM). IIROC Guidance Note GN-2500-21-009 describes potential scenarios where pre-approval of APM advice is needed, as well as certain scenarios where pre-approval is not required, (e.g. mechanical rebalancing). BCC will review for the establishment of an adequate oversight regime by Dealer to ensure that advice provided by APMs has been pre-approved and that the necessary documentation has been maintained.

Rule 1500, Managing Significant Areas of Risk, codifies the overarching principle for Dealers to develop and implement a supervisory framework to ensure proper management of all significant areas of risk within the firm. Dealers are required to identify all significant areas of risk specific to their business, have an appropriate Executive responsible for managing each significant area of risk and document this process. As these requirements are principles-based, firms have the flexibility to comply with these requirements in a way that reflects their unique business model and risk profile. This could potentially involve a combination of direct oversight by the assigned Executive of certain tasks, and delegation by the Executive of other tasks.

Under the IIROC Rules, an individual (the Delegator) can delegate the tasks or activities involved in performing a function they are required to do to another individual unless IIROC Rules specifically prohibit such delegation. However, the Delegator can never delegate responsibility for the required function. IIROC has recently published guidance to assist Dealers with the implementation of policies and procedures regarding the identification of significant areas of risk and the assignment of Executives to manage each such area of risk. Early in 2022 IIROC will publish additional guidance regarding delegation.

  1. Protection of Older and Vulnerable Clients – Trusted Contact Person & Temporary Holds

On September 9, 2021 IIROC published Rules Notice 21-0159, regarding Housekeeping Amendments to IIROC Rules to enhance protection of older and vulnerable clients. The amendments are designed to make IIROC requirements uniform in all material respects with corresponding amendments made by the Canadian Securities Administrators (CSA) to National Instrument 31-103. The Housekeeping Amendments are intended to enhance investor protection by providing Dealers with tools to address situations involving diminished mental capacity or financial exploitation of their clients. These amendments relate to the collection of trusted contact information from clients and the placing of a temporary hold in circumstances of suspected financial exploitation of a vulnerable client. We have updated BCC exam processes to assess Dealer Member compliance with the amended rules.

  1. Order-Execution-Only (OEO) – Service Level Review

Over the past few years, and especially in early 2021, we have seen an exponential increase in account openings and retail trading activity at OEO firms. We have also noticed a growing number of service complaints involving OEO firms, specifically the wait times for telephone access to a firm or the inability to access a web service or an application. As retail investors become increasingly reliant on automated online services, we are considering the extent to which failures in the provision of such services should be considered an Investor Protection issue. Accordingly, we initiated a project to review standards of service being provided by OEO firms, to assess whether a regulatory response is needed. As a first step we sent a survey to all OEO Dealers requesting information regarding various aspects of the technology services they provide to their clients. The survey responses provided insight into key factors that should be considered as part of a regulatory response to this increasing client reliance on technology. To move forward with developing new rules or guidance, an OEO Service Level Working Group, comprised of industry representatives and IIROC staff, has been established to discuss and explore possible regulatory responses.

  1. Order-Execution-Only Advertising and Social Media

As noted above, we have recently seen a significant increase in account openings and retail trading activity at OEO firms. Although there may be many different factors driving this activity, the availability of investment opinions on various social media platforms, and the emergence of various unregistered individuals providing these opinions, (i.e., “Social Media Influencers”), are certainly some of the key drivers. In some cases, the quality of information being offered on these different social media platforms may involve inaccurate information, possibly intended for the purpose of market manipulation. The extent to which OEO Dealers interact with these different social media platforms and Influencers, and use social media for advertising purposes, are areas that IIROC will focus on in the coming year. Dealers are reminded that existing IIROC rules and guidance pertaining to advertising and conflict of interest management continue to apply regardless of the communication technology that is being used.

  1. Order-Execution-Only Trailer Ban

In September 2020, the CSA published final rules that implement a trailing commission ban (OEO Trailer Ban). This ban prohibits the payment of trailing commissions by fund organizations to investment firms and their registrants who do not make a suitability determination, such as OEO firms. The rule also prohibits the solicitation or acceptance of trailing commissions by such firms. The OEO trailer ban will come into effect on June 1, 2022 and affects all funds that pay trailing commissions including funds sold under the Deferred Sales Charge option. OEO firms will need to enhance their systems and processes to ensure compliance with the new rules. BCC is updating exam processes in order to test for the successful implementation of the trailer ban requirements as they relate to existing positions held by all clients of OEO firms, as well as the ongoing compliance of firms with respect to new client purchases and funds transferred-in, after the ban takes effect. We expect that there will be interpretative questions and implementation issues that arise as firms prepare for the June implementation. IIROC will continue to work closely with OEO Dealers and the CSA in addressing these issues.

  1. Registration

  1. Implementation of the IIROC Rules

The IIROC Rules implemented on December 31, 2021, included changes to the registration and proficiency requirements.3 A summary of these changes is set out in Plain Language Rule Book Project – Registration Changes (iiroc.ca).

The changes included the introduction of the new Associate Portfolio Manager (APM) and Portfolio Manager (PM) approval categories. The IIROC Rules provide a transition period for Dealers to transition all Registered Representatives with a business type of portfolio management to either the APM or PM category. Dealers must assess the appropriate category based on the criteria set out in IIROC Rule 2629. While the IIROC Rules provide the transition period, we encourage Dealers to make these filings as quickly as possible and we will continue to work with firms to address their questions. Late filings will result in fines and a suspension of portfolio management activities. For individuals transitioning to the category of APM, Dealers should also review the individual’s title(s) to ensure they are not misleading and reflect their new approval category responsibilities.

In reviewing membership applications or changes to the composition of Executives at the Dealer, staff will be looking for compliance with IIROC requirements relating to Executives4 including the requirement in IIROC Rule subsection 3905(3) for a Dealer to “designate as many Executives as necessary to ensure compliance with IIROC requirements, considering the scope and complexity of the Dealer’s business”.5

As set out in the IIROC Policy Priorities – Update Report, we will be working on amendments to some of the registration and proficiency provisions within the IIROC Rules to clarify the intent of the IIROC Rules as currently drafted.

  1. Reporting CE completions

Some individuals and firms did not comply with our CE requirements in cycle 8. The deadline for individuals to complete their CE requirements was December 31, 2021, and the deadline for firms to report completion within the cycle was January 17, 2022. We remind firms that they need to inform their Approved Persons of the end of each CE cycle in a timely manner and failure to comply or report in accordance with the applicable rules results in individual suspensions and firm fines.

  1. Covid-19 Related Proficiency Extensions

With the availability of remote proctored exams by the Canadian Securities Institute, the number of COVID related exemptions and extensions decreased substantially in comparison to last year. However, there were a few online related issues which required consideration. We will continue to monitor this situation and review each matter on a case-by-case basis.

  1. Competency Profiles

We are in the process of developing and publishing competency profiles for all IIROC Approved Person categories. We published our proposed competency profiles for Directors, Executives, UDPs, CCOs and CFO on August 31, 2021.

We continue to work on the competency profiles for the remaining IIROC Approved Person categories with the next phase being for Supervisors, APMs, PMs, and Traders.

  1. CE Accreditation

IIROC’s new Continuing Education accreditation process was launched on January 1, 2022 as IIROC decided to assume direct responsibility over the accreditation of CE courses for a Dealer or an external course provider that wish to submit them, as per IIROC Rule 2703. Information on the CE accreditation process can be found in IIROC Notice 21-0196. For more information on this, Dealers and course providers can contact [email protected].

  1. Deficient Filings

We continue to see filing deficiencies as highlighted in past Compliance Priorities Reports. Our intention is to continue various outreach efforts to the Authorized Firm Representatives and Chief Compliance Officers of these firms, including training sessions with our Registration team to ensure they understand their obligations. We will review basic registration functions, as well as issues specific to the firm, to ensure that our expectations are clear and to outline the consequences of future non-compliance.

Once we have met with a firm, we will take a strict approach to compliance with our requirements and may take any or all of the following steps:

  • reject deficient filings in their entirety
  • impose terms and conditions on the firm
  • refer matters to Enforcement for potential disciplinary action.

We will provide the same training to other firms upon request. As this includes a review of basic registration functions, we will also provide it to new firms, either during the new membership process or shortly thereafter.

  1. Notices of Termination (NOTs)

When filing NOTs, where the termination relates to a firm’s only Registered Representative (RR), Investment Representative (IR), Supervisor or Executive, firms must consider whether they still have the appropriate number and category of Approved Persons to carry out activities. We expect firms to notify us immediately in cases where they are planning to terminate their only RR, IR or Supervisor, or key Executives (including the UDP, CCO, or CFO) where that individual has advised of their intent to resign.

  1. Proficiency Exemptions

We continue to receive deficient exemption applications. Before filing an exemption application, we encourage firms to refer to IIROC Registration ‑ Proficiency Exemption Requests | IIROC. Registration staff would be pleased to discuss these requirements with firms generally, or in connection with specific applications, to provide additional guidance.

  1. Membership Issues

  1. Review of Business Transactions

It is important to keep in mind that the process of working through significant transactions does take time. Please ensure that you factor in enough time for IIROC’s review and the receipt of any required approvals when planning the timeline for completion of any proposed transaction or business change.

In order that IIROC’s review may be conducted in an efficient manner, please ensure that your submission includes all relevant details regarding the transaction or business change and the relevant supporting documentation.

  • 2We implemented Dealer Member Rule 3100 [PLR Rule Book 3703] in November 2019 requiring the mandatory reporting of cybersecurity incidents by firms to IIROC. See IIROC Notice 19-0194 Amendments Respecting Mandatory Reporting of Cybersecurity Incidents (November 14, 2019)
  • 3Further to IIROC Rules, Form 1 and Guidance | IIROC,
  • 4See IIROC Rules 1502, 2503, 3905, 3909
  • 5See definition of Executive in IIROC Rule 1200

Welcome to CIRO.ca!

We have a new look! You can find the Canadian Investment Regulatory Organization (CIRO) at CIRO.ca with our fresh look and feel.

You can now find new publications published by CIRO since January 1, 2023 on CIRO.ca. If you are looking for past notices or bulletins published by MFDA or IIROC, you can find those on our legacy websites. Enforcement related content will continue on those websites as well.

You can now find previous Annual Reports and Enforcement Reports on CIRO.ca, along with Halts and Resumption, and our ePublications sign up (for all previous MFDA and IIROC subscriber lists).

We will continue moving items off MFDA and IIROC in 2023/2024. Stay tuned for future updates.