Chapter 1 - The Role of Compliance.pdf

Transcript

SECTION 1

THE ROLE OF COMPLIANCE
AND
XXX FORMAL COMPLIANCE
STRUCTURE

1 The Role of Compliance
2 Formal Compliance Structure

© CANADIAN SECURITIES INSTITUTE
 The Role of Compliance 1

CONTENT AREAS

Compliance Overview

Creating a Culture of Compliance

Roles of Key Internal Players

Compliance Department Organization

Balancing Revenue Interests with Compliance Risks

LEARNING OBJECTIVES

1 | Describe the role of compliance in the securities industry.

2 | Explain what is meant by a culture of compliance.

3 | Identify the roles of the key internal players in a culture of compliance.

4 | Identify the organizational structure of a typical compliance department.

5 | Discuss the risks of noncompliance.

© CANADIAN SECURITIES INSTITUTE
 CHAPTER 1      THE ROLE OF COMPLIANCE 1 3

INTRODUCTION
The securities industry in Canada and globally is characterized by increased regulation and an ever-growing need
for high compliance standards. Securities regulators require that investment dealers maintain a permanent and
effective compliance function. The objectives of this function are to provide supervision, prevent misconduct,
and promote ethical standards. Fulfillment of these objectives is essential to create fair and orderly markets and,
ultimately, to foster investor confidence.
The term compliance function refers to the staff members who carry out compliance responsibilities; it does not
describe a prescribed organizational structure. The regulatory requirements for a compliance structure are flexible, given
that each investment dealer is unique, and that business models and products offered vary from one dealer to the next.
However, all investment dealers are alike in that compliance should be viewed as an integral part of general business
activities, rather than as an isolated activity of the compliance department. Everyone at the investment dealer,
including the board of directors (or equivalent), employees, and agents, should therefore understand the standards of
conduct that apply to their role, regardless of whether they are registered with or approved by the securities regulators.
In this chapter, we discuss the concept of compliance, with particular focus on the need for a culture of compliance
within an investment dealer that is a member of the Canadian Investment Regulatory Organization (CIRO). We also
examine how the nature of compliance and the roles of key internal players at a dealer member have evolved to
meet the current requirements of regulators in the securities industry. The goal of these requirements is to reduce
the risk of financial loss, regulatory or civil sanctions, and reputational harm to the firm and the industry.

COMPLIANCE OVERVIEW

1 | Describe the role of compliance in the securities industry.

The compliance function has evolved over time as business philosophies and the expectations of regulators and
customers have changed. Historically, compliance was a reactive process. Its role was to monitor for violations
of rules, regulations, and internal policies. Its purpose was to identify potential issues at an early stage, including
patterns of improper behaviour or activities, material or systemic weaknesses, and product-specific problems. Once
identified, the compliance department would report issues to management, along with their recommendations.
Management, in turn, was responsible for resolving problems quickly.
Today, compliance is a proactive function with a broadened role. Surveillance is now accompanied by an equally
important advisory function, along with day-to-day risk management. Rather than review past transactions
to identify violations, as in the past, the emphasis is on developing and implementing a continual culture of
compliance. This responsibility includes forecasting trends and creating supervisory platforms based on those
forecasts. The expanded responsibilities of the role place increased demands not only on compliance personnel but
on every employee of a dealer member.
To have an effective compliance department, an investment dealer member of CIRO must have an infrastructure
based on dynamic policies and procedures and robust training initiatives, monitoring systems, and advice channels.
The firm must also appoint a chief compliance officer (CCO) to oversee the department and manage compliance
issues within the firm. The CCO cannot create a compliance culture single-handedly; however, the person in that
role must be able to build the framework and provide the leadership required to make it work.
The day-to-day work of compliance is generally a function of staff members who continually monitor and assess
the firm for compliance with regulatory requirements. They report and advise internally on any concerns, including
whether there are appropriate policies and procedures in place to address possible compliance issues. Compliance
staff is also responsible for identifying and preventing violations of regulatory requirements by all employees and
clients. The dealer member’s compliance function has a significant impact on its culture and ethics. It manages the
risk of legal or regulatory sanctions, financial loss, and damage to the firm’s reputation that can result from violations.

© CANADIAN SECURITIES INSTITUTE
1 4 CHIEF COMPLIANCE OFFICERS QUALIFYING EXAMINATION      SECTION 1

INTERNAL RESPONSIBILITIES
The compliance function performs the following internal activities:

Advising day-to-day on rules and regulations
Establishing and updating compliance policies and procedures on a regular schedule and when the need arises
Monitoring and interpreting regulatory developments
Providing mandated training and education
Liaising with regulators
Promoting and delivering a compliance culture within the firm
Taking preventive measures to ensure that employees comply with rules and regulations
Enforcing the dealer member’s policy manual and applicable industry rules, and imposing discipline
Reviewing business opportunities from a compliance perspective, including new products and markets

EXTERNAL STAKEHOLDERS
Today’s compliance function must monitor the needs of investors, customers, regulators, auditors, and the public.
To a lesser extent, compliance staff must consider the expectations of analysts, rating agencies, partners, peers,
and the media. In response to these external stakeholders’ needs, and also as a way to maintain a fair and equitable
marketplace, regulators have substantially increased their demands on market participants.
Monitoring of external stakeholders’ needs by the compliance function might include any of the following activities,
depending on the stakeholder:

Maintaining ongoing dialogue with regulator partners such as CIRO, the provincial securities administrators, and
the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC)
Monitoring industry-specific press coverage, particularly as it relates to other market participants’ regulatory
breaches
Tracking civil litigation and consumer concerns
Monitoring industry-wide developments by participating in continuing education forums
Remaining current with regulatory notices, including those issued from other non‑industry-specific bodies (such
as the Canadian Radio-television and Telecommunications Commission regarding anti-spam initiatives)
Sitting on industry committees
Monitoring shareholder expectations through ongoing dialogue and feedback from the board of directors
Monitoring consumer expectations by regularly reviewing customer surveys and complaints
Maintaining regular, frequent, and sometimes daily contact with senior and line management

COMPLIANCE AS A CORPORATE GOVERNANCE ISSUE
Risk to reputation is currently one of the largest risks facing financial organizations. For that reason, the focus on
more stringent standards of governance remains strong, especially in light of recent financial crises. Heightened
standards imposed by regulators on dealer members emphasize transparency, heightened disclosure to clients,
accountability, ethical behaviour, enhanced governance, and stronger risk management and compliance capabilities.
However, it is evident that mere compliance with laws and regulations is inadequate to protect against this risk; it
must be accompanied by compliance with internal governance, ethics, and risk policies.
Dealer members should integrate their governance, risk management, and compliance activities to protect
themselves from reputational damage. Furthermore, they recommend that these activities be linked to

© CANADIAN SECURITIES INSTITUTE
 CHAPTER 1      THE ROLE OF COMPLIANCE 1 5

organizational performance measures. And, finally, to achieve success, the focus must shift to integrity and
compliance as an organizational goal, and not merely a function of the law. Dealer members must establish a
culture of compliance by promoting and rewarding compliant behaviour and penalizing behaviour that violates
the compliance principles of the organization and the industry. Part of this initiative involves establishing a culture
where compliant behaviour is seen as something that is willingly done, rather than something that must be done.

EXAMPLE
With the recent severe market volatility resulting from the global COVID-19 pandemic, we have seen
unprecedented impacts on both client account balances and dealer operations. In these situations, the
compliance function of dealer members has been tested by both volatility and clients’ fear for their financial well-
being. Mere compliance with industry rules, expectations, and guidance is not enough to protect registrants in
such circumstances; individual registrants must also understand why the rules are in place. The mischief they are
designed to prevent can sometimes only become apparent in the face of a crisis such as COVID-19.
Put another way, dealer members must comply not only with the letter of industry rules, but also with the
principles behind them.
For example, a dealer member that fails to implement CIRO’s guidance relating to cybersecurity will quickly have
realized during the global pandemic that their entire operations were susceptible to heightened attacks that take
advantage of systems weakened by a crisis. During the pandemic, problems might arise from poorly thought-out
work-from-home arrangements or the use of personal devices on unsecured networks. Dealer members that fail
to value the true importance of compliance or to communicate to staff why it is important will suffer during these
types of events, and, by extension, so will their clients.

CREATING A CULTURE OF COMPLIANCE

2 | Explain what is meant by a culture of compliance.

A culture of compliance is difficult to describe precisely. It is generally a culture where everyone acts as they should,
but it does not necessarily grow out of rules, policies, and procedures.
The culture of an organization is defined by the behaviours it accepts and rewards. CIRO measures the extent to
which its dealer members foster a culture of compliance through a process of observation, audits, and reviews.
Regulators observe the firms’ activities and evaluate their responses to an enquiry, which includes the following
types of questions:

How frequently do clients complain of improper business dealings?
How many unresolved client complaints exist?
How quickly and thoroughly does the firm respond to client complaints?
How reliable are reports that complaints have been resolved?
Does the firm have a reputation for failing to resolve client or regulatory complaints quickly?
Is a firm’s relationship with the regulator consultative or reactive regarding compliance issues?
Is compliance a primary concern for the firm, or an afterthought in response to an enquiry?
Is compliance a part of the firm’s ongoing training?
Are all employees trained in compliance, or only particular employees?
How does the firm deal with employees who violate rules and regulations?
Are employees who have committed comparable violations treated equally?

© CANADIAN SECURITIES INSTITUTE
1 6 CHIEF COMPLIANCE OFFICERS QUALIFYING EXAMINATION      SECTION 1

In an organization with a culture of compliance, employees obey the spirit of the law, not merely the letter of the
law. In ambiguous situations, they can be relied on to make ethical and compliant decisions. A dealer member’s
success depends on its ability to ingrain a culture of integrity and ethical values. In an organization without such
a well-developed culture of compliance, ethical dilemmas are allowed to go unresolved or are resolved in a
noncompliant way. Ultimately, the goal of a culture of compliance is to be able to rely on all employees to act in a
compliant manner in all situations. When in doubt, employees in a compliant culture understand that escalation to
senior management is an appropriate measure.
In addition, in the current principles-based approach to regulation, the regulators allow flexibility in the
implementation of a compliance system in recognition that the business model of one dealer member is very
different than that of another. However, this flexibility can create uncertainty in dealer members where a culture of
compliance does not exist.
In assessing what is acceptable, employees are more inclined to respond to the behaviour of their firm’s leaders than
they are to a code of ethics or set of rules. If a senior manager or director acts unethically, their employees are also
likely to act unethically. Conversely, when the firm’s leaders act ethically, reward ethical behaviour, and penalize
unethical behaviour, they foster a culture where employees can be relied on to act compliantly. Such a culture is
known as “tone at the top.”

ROLES OF KEY INTERNAL PLAYERS

3 | Identify the roles of the key internal players in a culture of compliance.

Many groups and individuals with distinct interests are involved in the compliance function and in developing the
compliance culture of a dealer member. At a minimum, they include the board of directors, senior management,
the compliance department, and the line managers and supervisors. The compliance role of each of these groups is
described in detail below.

BOARD OF DIRECTORS
Directors are elected by the shareholders of a firm and are accountable to them for achieving corporate objectives.
The board of directors also represents the corporation and establishes the environment in which management and
staff undertake corporate objectives. The board is also obligated to act in the best interests of the corporation.
Directors are generally not active in the day-to-day operations of a dealer member. Instead, they are responsible
for developing strategies to carry the business into the future while managing associated business risks. One of
their main objectives is to set strategic goals and identify issues that must be addressed to achieve those goals. Two
substantial business risks they must consider are compliance risk and regulatory risk. However, it is not their role to
verify that the firm and its staff are in compliance with the relevant requirements.
Another of the board’s responsibilities is to establish the firm’s ethical code. No single model of ethics can be
prescribed because such codes must address the firm’s particular business. Nevertheless, the conduct of the
directors in their activities, both in and outside the firm, becomes part of the firm’s compliance culture and sets an
example for employees.
A dealer member’s board of directors must act on reports received from the CCO. The board must also establish the
firm’s corporate governance structure and integrate it with the risk management and compliance functions. When
integration is successful, the firm and its representatives are more likely to comply with rules and regulations than a
firm where governance and compliance are at odds.

© CANADIAN SECURITIES INSTITUTE
 CHAPTER 1      THE ROLE OF COMPLIANCE 1 7

SENIOR MANAGEMENT
The primary responsibility for developing a firm’s culture of compliance falls on senior management. The CCO is an
integral member of this group but without the ongoing support of senior management, it is virtually impossible to
establish such a culture within a firm.
Under CIRO’s Investment Dealer and Partially Consolidated (IDPC) rules, a member of the firm’s executive
management must be appointed as Ultimate Designated Person (UDP). In almost all circumstances, the person
designated is the president or chief executive officer of the dealer member.

DID YOU KNOW?

In 2023, the CSA approved the merger of IIROC and the MFDA into a single self-regulatory organization
(SRO) known as CIRO. The new SRO has assumed the regulatory responsibilities of the MFDA and IIROC
and will operate under an interim set of rules until a new rule book is developed. The IDPC rules govern
investment dealers and dually registered dealers. Mutual fund dealers are governed under the Mutual
Fund Dealer rules. In this textbook, we focus on the IDPC rules, which we refer to interchangeably as
“CIRO rules.” IIROC guidance remains in effect and will be updated to reflect the new rules.

The UDP must oversee the development and implementation of adequate written policies and procedures. Upon
their establishment, senior management must make sure that all employees understand their responsibilities.
Changes to written policies and procedures should be communicated to staff through compliance memos or regular
meetings and supplemented with continuing education programs. It is senior management’s responsibility to
communicate such information, but they often delegate the task to the compliance department.
Directors and senior management must also establish an ethical climate by showing strong support for the
firm’s compliance function, prioritizing compliance goals, and demonstrating compliant behaviour. Only in an
environment that promotes such a tone at the top can line managers and employees view the compliance function
as a key institutional process. This outlook enables them to work cooperatively to achieve business objectives
despite the many challenges posed by the regulatory framework.
CIRO rules also require that the firm’s CCO report to the board of directors at least annually on the status of
compliance. These requirements help to ensure that the senior management team members accept a critical role in
establishing a culture of compliance and that they understand their accountability.
Finally, senior management must allocate adequate resources to the compliance department and grant the
necessary authority to supervisory personnel so that they can implement and enforce the firm’s policies and
procedures.

COMPLIANCE DEPARTMENT
The role of the compliance department has become increasingly important in recent years. This department plays
a central part in implementing and monitoring many regulatory initiatives. Such initiatives include new processes
regarding anti-money laundering, client identification, corporate governance, and privacy. Compliance departments
also help senior and line managers promote a culture of compliance within firms and oversee staff training on
compliance issues.
The CCO, as the title suggests, is the head of the compliance department. He or she monitors activities at the
firm to ensure that staff members adhere to policies and procedures, that the compliance function is managed
effectively, and that regulatory standards are met. The CCO must establish and maintain policies and procedures
for assessing compliance by the dealer member, and it must report the results of this assessment to the board of
directors at least annually. The CCO must also report all material incidents of noncompliance to the UDP. The CCO’s
role can be fulfilled only with the ongoing support of senior management and the board of directors.

© CANADIAN SECURITIES INSTITUTE
1 8 CHIEF COMPLIANCE OFFICERS QUALIFYING EXAMINATION      SECTION 1

Under normal circumstances, the compliance department does not have direct authority over line staff, such as
sales or trading employees. This limited authority restricts the department’s ability to act when violations are
brought to the attention of line managers. However, the role of the compliance department is evolving. At most
firms, the compliance department has the power to reverse or restrict transactions that it deems to be in violation
of regulatory requirements or that could be perceived as unethical. By assuming responsibility for business decisions
in such cases, however, the compliance department may also be assuming regulatory responsibility for its action or
inaction. We discuss the organizational structure of a typical compliance department later in this chapter.

LINE MANAGERS AND SUPERVISORS
The primary objective of line managers and supervisors at a dealer member is to meet specific production goals
established by their superiors. Therefore, their focus is often on revenue. However, new regulations highlight the
added importance of the compliance culture and function within the firm. Some high-profile compliance failures
have shown that violations can be incalculably costly to the violating firm. As a result, line managers and supervisors
today are much more likely than in the past to view the compliance department as a valuable resource and a
partner to the business. It is critical that line managers and supervisors understand that, although their objectives
for revenue are paramount, this revenue cannot be earned or achieved without the compliance department. In the
past, compliance has typically been viewed skeptically as anti-business; however, it has always been the case that
the opposite is true. Compliance should be viewed as a partner with business because the business would not exist
without it.
Line managers and supervisors are also increasingly held accountable not only for the revenue-generating activities
of their staff, but also for their regulatory lapses. In effect, this accountability is the foundation of a culture of
compliance within a dealer member. To reduce the possibility of regulatory action, litigation, and reputational harm,
managers and supervisors now stress to their staff the importance of being compliant while continuing to meet
revenue objectives.
Employees typically look to management for guidance regarding their organization’s culture, and they respond
accordingly. In a compliance-focused culture, managers encourage employees to ask compliance-related questions
about their firm’s products, services, and business activities. Because not all compliance issues have easy answers,
management should provide a forum for their resolution, along with education and training.

EXAMPLE
A dealer member’s new proprietary investment product has the potential to generate significant revenue.
Because it has several underlying and embedded complexities, the firm realizes that, purely from a risk
perspective, the product might not be suitable for all clients; many clients may simply have an inappropriate risk
tolerance.
In addition to the issue of suitability, the proprietary nature of the product is also a concern. Because there
are many similar products in the marketplace for clients to choose from, the dealer member must consider
compensation conflicts in recommending the product to clients.
The good news is that the firm’s product has tangible differences that clearly set it apart from those of industry
competitors. A recommendation to purchase it can therefore easily be justified to the client (for reasons other
than the fact that the competitor’s product pays lower fees to both the firm and the advisor recommending it).
Because of these nuances, management decides to provide employees with opportunities to analyze all risks in
an appropriate setting, where they are comfortable addressing them. The firm also ensures that its employees
feel no hesitation about approaching the compliance department with any questions. This dialogue will take
place during the creation of the product, most likely in front of the dealer member’s product review committee. It
is standard practice for these types of concerns to be reviewed and analyzed in advance of a product being made
available.

© CANADIAN SECURITIES INSTITUTE
 CHAPTER 1      THE ROLE OF COMPLIANCE 1 9

COMPLIANCE DEPARTMENT ORGANIZATION

4 | Identify the organizational structure of a typical compliance department.

No single organizational structure fits all compliance departments, because firms vary in their management
structure, business lines, and strategies. Factors such as available technology and staff experience play an important
role in determining departmental organizations at each dealer member. Supervisory regulations and best risk
management practices for particular lines of business also help in determining departmental structures.

EXAMPLE
A firm that deals with commodity futures and options requires dedicated resources for the supervision and risk
management of its business. Other rules, such as those regarding registrations and anti-money laundering, apply
equally to all firms and require similar supervisory resources.

Some functions may overlap with other departments and can appropriately be housed in one of those departments.
Registrations, for example, could logically be a part of the human resources department, rather than the compliance
department. Similarly, technology resources might be a part of the information technology department and still be
dedicated to supporting the compliance function.

FUNCTIONAL ORGANIZATION OF A COMPLIANCE DEPARTMENT
Figure 1.1 shows the organizational chart of a typical compliance department at a full-service investment firm. This
chart is a simplified version of what an actual structure would look like; few firms would fit precisely into such a
simple structure.
The organizational charts that follow illustrate some of the functions that would generally fall under each of the
second-level headings in the simplified chart.

Figure 1.1 | Compliance Department

Chief Compliance
Officer

Investment
Retail Institutional Management Registrations
and Funds

© CANADIAN SECURITIES INSTITUTE
1 10 CHIEF COMPLIANCE OFFICERS QUALIFYING EXAMINATION      SECTION 1

RETAIL COMPLIANCE
Figure 1.2 shows some basic functions of the retail compliance department.

Figure 1.2 | Retail Compliance

Retail
(Advice and No-Advice Channels)

Account opening (with specific
expertise for different account types)

Surveillance

Complaint handling and investigations
(including regulatory reporting)

Anti-money laundering and
terrorist financing

Retail compliance might include the following additional functions:

Developing policies and procedures
Providing interpretive advice
Providing pre-approval for transactions that require it
Approving marketing and surveillance initiatives
Overseeing training
Reviewing outside activities

The number of compliance staff required to fulfill the department’s responsibilities depends on the following factors,
among others:

An upward or downward shift in business growth may increase or reduce the need for compliance staff.
Improvements to information systems can improve efficiency and reduce the need for staff.
If the firm operates in multi-jurisdiction locations or in different languages, additional or specialized staff may
be required.

An alternative method of organizing retail compliance is geographically, with parallel teams responsible for the
functional divisions. This structure is depicted in Figure 1.3.

© CANADIAN SECURITIES INSTITUTE
 CHAPTER 1      THE ROLE OF COMPLIANCE 1 11

Figure 1.3 | Retail Compliance Department Organized Geographically

Retail
(Advice and No-Advice Channels)

Western Ontario Québec Atlantic

INSTITUTIONAL COMPLIANCE
Figure 1.4 shows the functional organization of the compliance department for institutional sales and trading and
investment banking.

Figure 1.4 | Institutional Compliance

Institutional
(Sales & Trading and
Investment Banking)

Account approvals
and trade surveillance

Research reviews and approvals

Firewalls and
gatekeeper requirements

The institutional sales and trading department and the investment banking department generally have a smaller
compliance staff than that required to supervise a full-service advice channel retail business. The reason is that the
risk of multiple compliance problems at the institutional level is smaller. However, the potential loss that can result
from noncompliance in an institutional business is still significant. Consequently, the level of skill and experience
of institutional compliance staff should be high. Some firms, particularly those that trade derivatives and other
complex instruments, have dedicated legal staff that works closely with institutional compliance staff. The number
of staff required is determined by factors similar to the retail division: volume, nature, and complexity of the
business; sophistication of available technology; and the experience and qualifications of existing staff.

© CANADIAN SECURITIES INSTITUTE
1 12 CHIEF COMPLIANCE OFFICERS QUALIFYING EXAMINATION      SECTION 1

INVESTMENT MANAGEMENT
The organizational chart of the compliance department of an investment firm is illustrated in Figure 1.5.

Figure 1.5 | Investment Management Compliance

Investment
Management and Funds

Legal support

Trading surveillance

Many investment firms have investment management and investment fund subsidiaries, which also require specific
expertise. Typically, the staff required to support this type of business is associated with the firm’s legal department,
rather than compliance.
An organizational chart specific to the registrations unit is not shown, mainly because the number of staff required
for this unit depends on the volume and complexity of the business conducted by the firm.

BALANCING REVENUE INTERESTS WITH COMPLIANCE RISKS

5 | Discuss the risks of noncompliance.

Finding an appropriate balance between revenue generation and compliance risk is a significant challenge for any
dealer member. To address it successfully, senior management must consider the types and extent of risk that the
firm is prepared to assume in attempting to increase revenues. Most importantly, deciding whether the business
wishes to take on additional risk should be done with advice from the compliance department. By communicating
a consistent message to all departments regarding such risks, senior management helps to create a successful
relationship between compliance and the rest of the firm. With the help of legal advisors, consultation with
regulators, and advance rulings, it is easier to minimize compliance risk than other types of risk such as credit
or reputational risk. As the compliance department and the business units become familiar with each other’s
perspective, their differences are minimized, and the benefits of cooperation are realized.

DID YOU KNOW?

The compliance department can often identify potential compliance issues at an early stage of product
development and suggest solutions to compliance problems. This partnership approach to business
development is a hallmark of firms with a strong culture of compliance.

Generally, the compliance department aims to minimize risk, whereas the business units aim to generate maximum
revenue. However, a dealer member with a strong compliance culture benefits from both objectives, which are
never completely at odds with each other. All employees share the common objective of a profitable and compliant
business. If a firm finds that revenue cannot be generated without significant risk, the firm should seriously consider
whether that revenue stream should be pursued.

© CANADIAN SECURITIES INSTITUTE
 CHAPTER 1      THE ROLE OF COMPLIANCE 1 13

EXAMPLE
Leverage strategies and products that are designed to enhance leverage, such as leveraged exchange-traded
funds, can be very effective in certain situations. However, because such strategies and products can increase risk,
their use must be supported by facts, for both the clients and the dealer member.

RISKS OF NONCOMPLIANCE
In the highly competitive securities industry, and especially in tough market conditions, dealer members can be
tempted to cut costs by reducing non-revenue-generating compliance staff. However, most firms are aware that the
risks related to noncompliance are too great to take this hazardous approach to meeting performance goals.

DID YOU KNOW?

During the market downturn in 2009, IIROC (now CIRO) cautioned its dealer members of their need to
maintain an effective supervision and risk management program, despite the need to reduce expenses.
They specifically noted that firms should carefully consider the potentially negative impact of reducing
the number of employees in compliance and other control function areas.

The three general types of violations are categorized by the laws, rules, or policies that they violate:

Criminal violations
Civil violations
Regulatory violations

Penalties for noncompliance vary significantly, depending on the type of violation and the costs of correcting the
violation’s effects.
The consequences of any type of violation can include disciplinary measures (e.g., fines, suspensions, and in some
instances, termination), legal expenses, penalties, and the cost of staff response time. Unlike penalties, legal and
staff costs must be paid regardless of the outcome of an investigation. A criminal violation can also result in a prison
sentence. Considering the direct costs of noncompliance, and the added intangible costs of lost business, adverse
media attention, and loss of reputation, the benefits of a culture of compliance are clear.

ENFORCEMENT ACTION
CIRO may initiate enforcement action against any member of a dealer member’s staff who violates securities laws
or the firm’s requirements or who fails to meet their supervisory obligations. Individuals subject to action may
include directors, executives, supervisors, the UDP, the CCO, the chief financial officer, and any other Approved
Person. In each case, the person’s conduct will be judged against the standard of a reasonably proficient and diligent
person holding the same responsibilities.

EXAMPLE
Compliance officers could face disciplinary action in either of the following cases:

When they fail to identify rule violations consistent with the standard of a reasonably proficient and diligent
compliance officer
When, after identifying a violation, they fail to escalate it in accordance with the firm’s established escalation
procedures

© CANADIAN SECURITIES INSTITUTE
1 14 CHIEF COMPLIANCE OFFICERS QUALIFYING EXAMINATION      SECTION 1

SUMMARY
In this chapter, we discussed the evolving role of compliance at a dealer member in today’s regulatory environment.
We focused on the firm-wide mandate of the compliance function and the specific responsibilities of the CCO and
other compliance department staff.
We discussed that the compliance function encompasses surveillance, advice, reporting, and other risk management
activities that are necessary to keep a dealer member compliant with current regulations. You should also know the
role of the compliance function in maintaining a fair and equitable marketplace. This role involves monitoring the
concerns of external stakeholders and keeping up to date with changes in the industry.
We also looked at the various roles of the key internal players at a dealer member and explained how they work
together to create a culture of compliance that starts at the top and filters down through the entire organization.
A key point to remember is the need to create an appropriate balance between managing compliance risk and
generating revenue for the firm.
Finally, we briefly discussed the risks of noncompliance – a topic we explore in greater detail in Section 5, Regulatory
Investigations and Reporting.
In the next chapter, we focus on a formal compliance structure and explain what such a structure looks like at
a dealer member.

© CANADIAN SECURITIES INSTITUTE