Chapter 16 - Reporting Requirements PDF

Summary

This document covers reporting requirements for chief compliance officers (CCOs) and dealer members. It details reporting responsibilities to management and the board of directors, including specific issues that should be included in the reports. Reporting obligations under Canadian regulations and the importance of timely reporting are also emphasized.

Full Transcript

Reporting Requirements 16 CONTENT AREAS Overview of Reporting Requirements Reporting to Management and the Board of Directors Other Reporting Obligations LEARNING OBJECTIVES 1 | Describe...

Reporting Requirements 16 CONTENT AREAS Overview of Reporting Requirements Reporting to Management and the Board of Directors Other Reporting Obligations LEARNING OBJECTIVES 1 | Describe a chief compliance officer’s reporting responsibilities to management. 2 | Describe the issues that should be included in a chief compliance officer’s report to the board of directors. 3 | Identify the other reporting obligations a chief compliance officer should be aware of. © CANADIAN SECURITIES INSTITUTE CHAPTER 16      REPORTING REQUIREMENTS 16 3 INTRODUCTION In the previous chapter, we discussed the types of situations that might require an internal investigation and we explained the guidelines for conducting such an investigation. You learned that failure to comply with legal and regulatory obligations can result in time-consuming and costly consequences to a dealer member and its registrants. In this chapter – the final chapter in this course – we discuss the reporting obligations of both the dealer member generally and the chief compliance officer specifically. These requirements go hand-in-hand with investigations and are articulated clearly by CIRO and other regulatory bodies. We discuss what CIRO considers to be the minimum reporting obligations. However, a dealer member or CCO may choose to report on a more frequent basis. Such proactive reporting promotes enhanced transparency between the CCO or firm and the recipient of the report in question, whether it be the board of directors, CIRO, or a provincial securities commission. OVERVIEW OF REPORTING REQUIREMENTS 1 | Describe a chief compliance officer’s reporting responsibilities to management. The role of the CCO is an integral part of a dealer member’s executive management team. The CCO has a responsibility for the overall operation of a dealer member’s compliance department. IDPC Rule section 3912 outlines various other CCO responsibilities, including a specific duty regarding reporting. The duty to report certain matters is imposed on both the CCO and the dealer member. For example, the importance of disclosure is particularly apparent in the reporting obligations that are imposed generally on dealer members and specifically on the CCO. As shown in Exhibit 16.1, CIRO provides prescriptive requirements on the CCO in terms of reporting certain matters to the Ultimate Designated Person and to the dealer member’s board of directors. The dealer member also has specific reporting responsibilities over and above those of the CCO. Exhibit 16.1 | Excerpt from CIRO’s IDPC Rules 3915. Report to Dealer Member’s board of directors 1. At least annually, the Chief Compliance Officer must provide a written report to the Dealer Member’s board of directors for the purpose of assessing compliance by the Dealer Member, and its employees and Approved Persons, with CIRO requirements and securities laws, other than those required under subsection 3915(2). 2. At least annually, the Chief Financial Officer must provide a written report to the Dealer Member’s board of directors for the purpose of assessing compliance by the Dealer Member, and its employees and Approved Persons, with the financial CIRO requirements and securities laws, as necessary. 3. The Dealer Member’s board of directors must review the reports and recommendations submitted to it pursuant to section 3915 to determine the appropriate action to be taken to remedy any compliance deficiencies that are identified and must ensure that such action is taken. 4. The Dealer Member’s board of directors must maintain records of the actions it determines necessary to correct compliance problems and the monitoring done to ensure that the actions are carried out. © CANADIAN SECURITIES INSTITUTE 16 4 CHIEF COMPLIANCE OFFICERS QUALIFYING EXAMINATION      SECTION 5 REPORTING TO MANAGEMENT AND THE BOARD OF DIRECTORS 2 | Describe the issues that should be included in a chief compliance officer’s report to the board of directors. MANAGEMENT A key responsibility of the CCO is to ensure effective and prompt reporting of compliance-related matters and proper escalation of problems and issues. CIRO reporting requirements apply both to the UDP and the board of directors of the dealer member. The CCO is also expected to act professionally and in a manner fitting the seniority of the role when advising executive management as to how such matters can be resolved. BOARD OF DIRECTORS The CCO must provide an annual report to the board of directors that assesses compliance by the dealer member and its staff with CIRO rules and securities legislation in general. This report should provide the board with the information needed to fulfill its oversight responsibilities. In effect, the report prevents the board members from asserting that they were not aware of an issue. The benefit of a report from the CCO is that it originates from a control function that is separate from business line management. The specific obligation to report in this fashion also ensures the independence of the CCO in regard to the board of directors, without interference from management. The CCO should take the opportunity to report on all matters to the board that are of concern. The report should include enough detail so that a reader can understand the material’s importance. Without sufficient detail, the board may overlook important issues. Omissions or lack of candour may be viewed as a failure by the CCO to carry out his or her regulatory responsibility. The report is not required to be in writing; however, a written report demonstrates more clearly the CCO’s compliance with his or her obligations. It is recommended that the report be documented in writing as evidence that it was completed as required. Oral reporting is also acceptable. However, such discussions may frequently occur outside of meetings with the board, so they should be properly documented by both the CCO and the board in notes or memoranda so that they can be filed. Although CIRO does not specifically prescribe what matters should be covered in the report, Table 16.1 outlines a sample of issues and considerations that may be included. Table 16.1 | Issues and Considerations to Include in a Report Issues Considerations A summary of the current staff complement in the Information should include new hires and instances compliance department over the reporting period. of staff attrition or termination. The results of compliance monitoring and Information should include any material compliance surveillance activities conducted by the compliance violations, deficiencies and issues that were detected. department over the reporting period. This material can include monitoring and surveillance applicable to certain programs offered by the dealer member. © CANADIAN SECURITIES INSTITUTE CHAPTER 16      REPORTING REQUIREMENTS 16 5 Table 16.1 | Issues and Considerations to Include in a Report Issues Considerations To the extent that any changes or modifications For example, if reporting received from the dealer have taken place to the reporting apparatus of member’s carrying broker was late on certain the compliance department, the existing status of occasions, this should be noted. the regular (daily and monthly) reporting received by the compliance department as part of its supervisory obligations. The results of any examinations or reviews (such as Information should include any material compliance sweeps) conducted by a regulatory authority. violations, deficiencies, and issues. These results should include examinations or audits by regulatory bodies such as CIRO, provincial securities, and or the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC). They should specifically include the nature of all findings, including whether a violation is first time, repeat, significant, or repeat significant. The results of any other internal or external examinations or reviews that have a bearing on the compliance function. A description of any other material compliance violations, deficiencies, or issues otherwise identified. A description and analysis of any regulatory investigations and sanctions involving the firm and any of its current or former partners, directors, officers, or employees. A description and analysis of all employees who presently have terms and conditions imposed either by CIRO, the provincial securities commissions, or the dealer member. A description and analysis of any material litigation. A description and analysis of all client Details should include complaint-related statistics, complaints, the status of such complaints, and such as settlement costs, potential exposure, any settlements dealer members may wish to complaint settlements beyond a certain threshold, consider. and trends analysis, including any trends applicable to a particular branch or registrant. © CANADIAN SECURITIES INSTITUTE 16 6 CHIEF COMPLIANCE OFFICERS QUALIFYING EXAMINATION      SECTION 5 Table 16.1 | Issues and Considerations to Include in a Report Issues Considerations A description and analysis of all regulatory If the dealer member’s supervision is being investigations regarding such client complaints. investigated as well, the report should indicate whether such investigations have been extended to include the dealer member. A description of all reporting completed by the The description should include all gatekeeper- dealer member during the reporting period. related matters, complaint handling and internal investigation reporting to the Complaints and Settlement Reporting System, and suspicious transaction reporting to FINTRAC. It should also include all regulatory filings made or required to be made by the dealer member, such as strict or close supervision reporting. An analysis of new and changed relevant regulatory The compliance department should be tracking requirements. ongoing and proposed regulatory initiatives whose future implementation might create resource challenges or otherwise have an effect on the dealer member. Changes include both Canadian and foreign initiatives and may not necessarily be limited to the investment industry. This aspect of a CCO’s report highlights the importance of the compliance department being involved at the senior management level to ensure access to strategic and ongoing initiatives. Any material compliance policies and procedures implemented during the period. A summary of compliance education and awareness Details should include, to the extent applicable, a activities. discussion of continuing education requirements and how individual registrants are managing those obligations. A summary of material compliance initiatives and activities undertaken during the period not otherwise covered. Any recommendations for remedial actions taken, or to be taken, in response to compliance violations or deficiencies. Identification of previously reported material compliance violations, deficiencies, or issues for which corrective actions have not been implemented. © CANADIAN SECURITIES INSTITUTE CHAPTER 16      REPORTING REQUIREMENTS 16 7 Table 16.1 | Issues and Considerations to Include in a Report Issues Considerations A summary or list of all new or revised policies and procedures that have been implemented during the reporting period. A review and its results of all internal branch audits The report might include a reference to the dealer and examinations carried out by the compliance member’s branch audit program and progress. department or the dealer member’s internal audit department. A statement as to compliance with all regulatory capital/financial compliance requirements. The contents of a compliance department’s report to the board of directors, as well as the information that is submitted to the UDP, does not have a content limit. A minimum is required, both in terms of content and frequency, but in theory the CCO should provide full transparency to both the board and the UDP. In this way, a clear picture is created of the state of affairs regarding dealer member compliance. Full transparency also helps achieve a tone of accountability at the dealer member. It also ensures that the CCO has regularly escalated all issues to both senior management and the board of directors. It should be recognized that a report to the board is not a static document or a fill-in-the-blank exercise. It will necessarily change over time to reflect different content based on natural changes and evolution of the business lines of the dealer member. Certain reporting (e.g., the subject of complaints or legal matters) remains constant. However, CCOs should treat the exercise of reporting to the board as a robust and dynamic process of aggregating data to ensure that they are meeting their reporting obligations under CIRO rules. In addition, CCOs should have regular and recurring meetings established with the UDP, and their report to the board should be a standing agenda item at those meetings where they are scheduled to attend. As part of this formal reporting process, CCOs should be prepared to provide their conclusions and opinions to the board and the UDP regarding the state of compliance at the dealer member. CCOs must also report on the effectiveness of the compliance department, and should be forthcoming and candid about their own areas of specific responsibility. Conclusions as to effectiveness should include concerns regarding the required proper resourcing to ensure that the dealer member is able to meet its compliance obligations. Table 16.2 shows a sample structure for reporting to the board of directors. Table 16.2 | Sample Chief Compliance Officer’s Report to the Board of Directors 1. Background and introduction Organizational chart of the compliance department (including reporting lines) Scope of the report – a brief description of scope and an overview of the in-force compliance monitoring and supervision program, including references to registered compliance department staff (i.e., supervisors), coverage areas (i.e., options, managed accounts, commodities, retail, and investment banking), and the roles of the CCO and UDP Staffing and human resources (personnel changes) © CANADIAN SECURITIES INSTITUTE 16 8 CHIEF COMPLIANCE OFFICERS QUALIFYING EXAMINATION      SECTION 5 Table 16.2 | Sample Chief Compliance Officer’s Report to the Board of Directors 2. Registration (brief description of registration program) New registrations (including enhanced due diligence or fit and proper review) Registrants on enhanced (close or strict) supervision Regulatory reporting/filing Filings to the Complaints and Settlement Reporting System (regulatory investigations/client complaints) Suspicious transaction reporting Other gatekeeper reports Disciplinary matters (internal and external) Continuing education cycle update 3. Supervision (brief description along with conclusions for each in terms of statistics, number of queries, delays in supervisory reports and effectiveness of control environment); business conduct supervision (trades, marketing, financial planning, and outside activity) Daily supervision Monthly supervision Quarterly supervision Branch supervision Branch audit program Anti-money laundering 4. Complaint handling, litigation, and other external regulatory reviews (brief description along with statistics, settlements, exposure, references to any material matters, and references to disposition by regulators, e.g., a referral to enforcement and warning letters) Complaints Internal investigations External client litigation Ombudsman for Banking Services and Investments CIRO investigations Provincial securities commissions investigations 5. Financial compliance (brief description and reference to any concerns regarding risk adjusted capital, margin, and other financial details) 6. Regulators and regulatory updates (brief description of each audit as well as conclusions and findings; in particular, any significant findings or repeat findings) Regulatory audits (audits by CIRO, provincial securities commissions, or FINTRAC) Regulatory sweeps and questionnaires Regulatory developments (e.g., reference to draft or proposed guidance issued by regulators) © CANADIAN SECURITIES INSTITUTE CHAPTER 16      REPORTING REQUIREMENTS 16 9 Table 16.2 | Sample Chief Compliance Officer’s Report to the Board of Directors 7. Policies and procedures New policies and procedures Updating process (i.e., frequency) 8. Compliance department training (and branch field training) New training sessions and content Annual compliance attestation process (if applicable) 9. Ongoing and future compliance initiatives Description of any special matters (e.g., involvement in transactions, Canada’s Anti-Spam Law, cyber- security, and similar matters) Description of any special ongoing projects (e.g., review of business units to assess compliance, outside activities, conflicts of interest analysis, Client Relationship Model, and other special projects) 10. Effectiveness of control environment Operational considerations and deficiencies Evaluation of existing reporting and effectiveness Conclusions ULTIMATE DESIGNATED PERSON The CCO has specific reporting obligations to the UDP relating to ongoing issues as they arise that create immediate compliance risk for the dealer member. In addition to these reporting requirements, the CCO should be in regular contact with the UDP. The CCO have access to the UDP (and the board of directors) whenever necessary or advisable. Typically, the CCO and the UDP have a regularly scheduled meeting time for the communication of all compliance-related issues to the UDP. The frequency of these meetings largely depends on the state of compliance at the dealer member. Regardless of frequency, all such discussions (which may relate only to specific issues) should be clearly documented, as well as the manner in which resolution of the issue will be achieved. FREQUENCY OF REPORTING The annual CCO’s report represents the minimum level of acceptable reporting to the board, as necessary. In addition, the Universal Market Integrity Rules require the compliance department to report the results of its monitoring to management and, as appropriate, to the board of directors. The CCO should discuss with the board of directors, management, and the UDP the possibility of monthly or quarterly reporting, rather than annual. The content and form of this extra reporting should be similar or identical to that of the annual report. A best industry practice is for the CCO to report to the board on a quarterly basis. This more frequent reporting helps establish the importance of the compliance function at the dealer member beyond the minimum requirements. Given its position of liability, the board of directors is likely to desire this added transparency. The CCO should also be included in regular operational meetings between other business unit leaders. Certain compliance initiatives are likely to affect other areas of the dealer member (such as the information technology department). By engaging with the unit leaders, the CCO helps to ensure that they take steps to implement such initiatives accordingly. © CANADIAN SECURITIES INSTITUTE 16 10 CHIEF COMPLIANCE OFFICERS QUALIFYING EXAMINATION      SECTION 5 OTHER REPORTING OBLIGATIONS 3 | Identify the other reporting obligations a chief compliance officer should be aware of. In addition to specific obligations of the CCO to report on matters and escalate them, the dealer member and its registrants have other reporting and disclosure obligations. They vary from the dealer member’s requirements to report client complaints to the individual registrants’ obligation to report changes in their registration to the dealer member. A list of all reporting obligations should be included in the dealer member’s policy and procedures manual. The dealer member should be particularly aware of the time requirements for reporting the events and issues discussed in previous chapters. The following are examples of items that must be reported: Changes to information contained in a registrant’s uniform application Any disciplinary action against the dealer member or individual registrant All customer complaints in writing, other than service complaints Securities-related civil claims filed against the dealer member or any current or former registrant The commencement of an internal investigation by the dealer member Cybersecurity incidents Client complaints or legal matters are often received at the branch level or outside of head office directly by individual registrants. The dealer member and the CCO should make sure that the dealer member’s policy and procedures contemplate appropriate complaint handling and other mechanisms to ensure that, when such matters are received, they are automatically escalated to the compliance department. The dealer member will thus be able to meet its reporting obligations under CIRO rules, as well as its obligations to handle client complaints and other matters in a time-sensitive manner. The dealer member should remind individual registrants of these obligations on a timely basis, such as through monthly communication. All pending legal actions must be reported to head office, although a specific level of seniority is not specified. This action ensures that employees and business locations report such matters to the firm and do not handle them independently. A dealer member’s procedures must ensure that senior management is aware of complaints of serious misconduct and all legal actions. If the complaints are significant, the dealer member should review internal procedures and practices, and submit any recommended changes to management. To meet these reporting obligations, the CCO should act to ensure that an effective mechanism exists for reporting complaints and legal actions to senior management and to the board. Because of the risks associated with complaints and legal actions (including reputational, financial, and regulatory exposure), prompt and accurate reporting is necessary so that appropriate actions can be taken. The isolated or combined circumstances that lead to complaints and legal action may indicate misconduct or a deficiency in the control environment. The nature and potential exposure of each issue determines to which level it should be communicated. The responsibility to report complaints and legal actions may fall outside the compliance department in some cases. If so, the CCO should implement policies requiring employees to report all relevant details. The CCO’s policies should also ensure that each complaint and legal action is assessed for any compliance implications. SYSTEMIC AND TREND ANALYSIS Whether overall metrics and trend analysis should be incorporated into a dealer member’s reporting depends on the size of the organization: the larger the firm, the more important they are. In larger firms, senior management and the board of directors may not be informed of specific issues and situations that are not material in nature. © CANADIAN SECURITIES INSTITUTE CHAPTER 16      REPORTING REQUIREMENTS 16 11 Part of the CCO’s mandate is to establish and manage surveillance and monitoring processes, and to assess how effective the processes are. Each individual result may not be significant, but the different results may indicate systemic issues or risk areas when viewed as a group. EXAMPLE A compliance review of one business location should identify its issues and overall level of compliance specific to that business location. The results of 10 business location reviews, on the other hand, may identify structural issues that contribute to compliance weaknesses in all branches. Aggregation and trend analysis can facilitate performance monitoring by measuring whether the number of client complaints is increasing, staying the same, or decreasing. More refined and elaborate trend measurements can also be developed. Although the factors leading to the various results should be considered to help determine the cause, measurement can identify potential risk areas. Measurement can also provide quantified indicators of how effective the dealer member is in its overall compliance. Chief compliance officers must monitor regulatory developments and assess the impact of new and revised regulations. Policies and procedures may need to be modified in response to regulatory changes. Operational and system changes may also be necessary. Regulatory changes may further affect the dealer member’s existing or planned business. The CCO should act to ensure that management and the board are aware of pending regulatory changes with plenty of lead time, and that any implications have been identified and are being addressed. Regulatory initiatives often provide guidance on current regulatory expectations, even if specific regulations have not yet been enacted. Notice of a regulatory proposal also gives management the opportunity to assess, comment on, and otherwise participate in the rule formation process. The volume and uncertainty of regulatory change poses a challenge for any reporting process. The number and complexity of regulatory proposals have increased significantly, and this trend is expected to continue. Regulatory proposals often change significantly as they evolve into actual regulations, and the timing of enactment is typically uncertain. For these reasons, good judgment should be applied when reporting regulatory proposals. © CANADIAN SECURITIES INSTITUTE 16 12 CHIEF COMPLIANCE OFFICERS QUALIFYING EXAMINATION      SECTION 5 SUMMARY In this final chapter of the Chief Compliance Officers Qualifying Exam course, we discussed the reporting obligations of both the dealer member in general and the CCO specifically. We discussed that a key responsibility of the CCO is to ensure effective and prompt reporting of compliance-related matters, and proper escalation of problems and issues. We discussed what CIRO considers to be the minimum reporting obligations. We also discussed that the CCO must provide an annual report to the board of directors that assesses compliance by the dealer member and its staff with CIRO rules and securities legislation in general. A key point to remember is that, in addition to their reporting requirements, CCOs should have access to the UDP and the board of directors whenever they consider it necessary, and all such discussions should be clearly documented. Regarding the frequency of reporting, we discussed a best industry practice, which is for the CCO to report to the board on a quarterly basis. Frequent reporting helps establish the importance of the compliance function at the firm beyond the minimum requirements. We also touched briefly on other duties, including the requirement to report client complaints and the obligations upon individual registrants to report changes in their registration to the dealer member. In discussing trend analysis, we explained that the decision to incorporate such metrics into a firm’s reporting depends on the size of the organization: the larger firm, the more important they are. And finally, we discussed a very important requirement of the CCO, which is to monitor regulatory developments and assess the impact of new and revised regulations on the firm’s policies and procedures. © CANADIAN SECURITIES INSTITUTE

Use Quizgecko on...
Browser
Browser