Canadian Securities Institute - Chief Compliance Officer Qualifying Exam PDF 2024

Summary

This is a study guide for the Chief Compliance Officers Qualifying Examination, offered by the Canadian Securities Institute in 2024. It covers the roles and responsibilities of compliance officers in the Canadian investment industry, exploring regulations and industry risks. The guide outlines key topics like regulatory environment, risk management, and ethical decision-making.

Full Transcript

CHIEF COMPLIANCE OFFICERS QUALIFYING EXAMINATION Credentials that matter. ® THE CANADIAN SECURITIES INSTITUTE The Canadian Securities Institute (CSI) has been setting the standard for excellence in life-long education for financial professionals for 50 years. CSI is part of Moody’s...

CHIEF COMPLIANCE OFFICERS QUALIFYING EXAMINATION Credentials that matter. ® THE CANADIAN SECURITIES INSTITUTE The Canadian Securities Institute (CSI) has been setting the standard for excellence in life-long education for financial professionals for 50 years. CSI is part of Moody’s Analytics Training and Certification Services, which offers education programs and credentials throughout the world. Our experience training over one million global professionals makes us the preferred partner for individuals, financial institutions, and regulators internationally. Our expertise extends across the financial services spectrum to include securities and portfolio management, banking, trust, and insurance, financial planning and high-net-worth wealth management. CSI is a thought leader offering real world training that sets professionals apart in their chosen fields and helps them develop into leaders who excel in their careers. Our focus on exemplary education and high ethical standards ensures that they have met the highest level of proficiency and certification. CSI partners with industry regulators and practitioners to ensure that our programs meet the evolving needs of the marketplace. In Canada, we are the primary provider of regulatory courses and examinations for the Canadian Investment Regulatory Organization (CIRO). Our courses are also accredited by the securities and insurance regulators. CSI grants leading designations and certificates that are a true measure of expertise and professionalism. Our credentials enable financial services professionals to take charge of their careers and expand their skills beyond basic licensing requirements to take on new roles and offer broader services. CSI is valued for its expertise, not only in the development of courses and examinations, but also in their delivery. CSI courses are available on demand in a variety of formats, thus enabling anytime, anywhere learning. We are continually leveraging new technology and pedagogical tools to meet the changing needs of learners and their organizations. TELL US HOW WE’RE DOING At CSI, we make every effort to ensure that what you learn is accurate, practical, and well written, and we update our courses regularly. However, we recognize that there is always room for improvement, so please let us know what you think. Your feedback counts in helping us keep our learning content fresh and accurate. You can submit comments, suggestions, or concerns to [email protected] © CANADIAN SECURITIES INSTITUTE CHIEF COMPLIANCE OFFICERS QUALIFYING EXAMINATION PREPARED & PUBLISHED BY CSI 200 Wellington Street West, 15th Floor Toronto, Ontario M5V 3C7 625 René-Lévesque Blvd West, 4th Floor Montréal, Québec H3B 1R2 Telephone 416 364 9130 Fax 416 359 0486 Toll-Free 1 + 866 866 2601 Toll-Free Fax 1 + 866 866 2660 Website www.csi.ca Credentials that matter.® Copies of this publication are for the personal use Notices Regarding This Publication: of properly registered students whose names are This publication is strictly intended for information entered on the course records of the Canadian and educational use. Although this publication is Securities Institute (CSI)®. This publication may not designed to provide accurate and authoritative be lent, borrowed or resold. Names of individual information, it is to be used with the understanding securities mentioned in this publication are for the that CSI is not engaged in the rendering of financial, purposes of comparison and illustration only and accounting or other professional advice. If financial prices for those securities were approximate figures advice or other expert assistance is required, the for the period when this publication was being services of a competent professional should be prepared. sought. Every attempt has been made to update securities In no event shall CSI and/or its respective suppliers industry practices and regulations to reflect be liable for any special, indirect, or consequential conditions at the time of publication. While damages or any damages whatsoever resulting from information in this publication has been obtained the loss of use, data or profits, whether in an action from sources we believe to be reliable, such of contract negligence, or other tortious action, information cannot be guaranteed nor does it arising out of or in connection with information purport to treat each subject exhaustively and should available in this publication. not be interpreted as a recommendation for any specific product, service, use or course of action. CSI © 2024 Canadian Securities Institute assumes no obligation to update the content in this All rights reserved. No part of this publication may publication. be reproduced, stored in a retrieval system, or transmitted in any form by any means, electronic, A Note About References to Third Party Materials: mechanical, photocopying, recording, or otherwise, There may be references in this publication to third without the prior written permission of CSI. party materials. Those third party materials are not under the control of CSI and CSI is not responsible for the contents of any third party materials or for any changes or updates to such third party materials. CSI is providing these references to you only as a convenience and the inclusion of any reference does not imply endorsement of the third party materials. Identifiers:  ISBN 978-1-77176-731-6 (print) ISBN 978-1-77176-732-3 (ebook) First printing: 2007 Revised and reprinted: 2011, 2014, 2015, 2016, 2017, 2018, 2020, 2022, 2023, 2024 Copyright © 2024 by Canadian Securities Institute Introduction COURSE INTRODUCTION Welcome to the Chief Compliance Officers Qualifying Examination Course! The Canadian Investment Regulatory Organization (CIRO) sets the standards for its member firms and regulates the actions and behaviours of its individual registrants, including chief compliance officers (CCOs) of investment dealers. Under CIRO’s rules, compliance and supervision is a fundamental responsibility of each dealer member. COURSE DESCRIPTION The Chief Compliance Officers Qualifying Examination Course discusses the rules and regulations of the investment industry and describes the CCO’s role in that context. Throughout this course, we explore the compliance and supervision functions at an investment dealer in order to equip registrants with the proper tools and skills to discharge their obligations properly and effectively. In doing so, they deliver a critical function to the industry as a whole. The course comprises 16 chapters: 1. The Role of Compliance 2. Formal Compliance Structure 3. Canada’s Regulatory Environment and Basic Securities Law 4. Risks Faced by Investment Dealers 5. Leadership 6. Making Ethical Decisions 7. Development of Policies and Procedures 8. Monitoring 9. Opening and Maintaining Accounts 10. Recordkeeping Requirements 11. Client Complaints 12. Registration 13. Trading Desk Supervision 14. Investment Banking 15. Regulatory Investigations 16. Reporting Requirements © CANADIAN SECURITIES INSTITUTE ii CHIEF COMPLIANCE OFFICERS QUALIFYING EXAMINATION TELL US HOW WE’RE DOING! We make every effort to ensure that what you are learning is accurate, practical, and well written. However, we recognize that there is always room for improvement, and we encourage you to provide feedback. You can submit comments, suggestions, or concerns to [email protected]. This edition of the Chief Compliance Officers Qualifying Examination Course textbook was prepared in 2024. The textbook is updated regularly to reflect rapid changes in the investment industry. We thank those students and industry representatives who helped with the updating process, either through their suggestions or by providing or verifying information for the book. © CANADIAN SECURITIES INSTITUTE COURSE INTRODUCTION iii KEY CHAPTER FEATURES Each chapter includes the following learning features: Icons Features Description Learning Objectives The learning objectives should help you to focus your studies on important topic areas. Be sure to read each objective before you begin a chapter because it will specify what you are expected to know after studying the material. To highlight its importance, each objective is linked directly to the chapter’s major headings. Did You Know? This feature provides important information that supports the chapter content, including facts, statistics, clarifications, and insights. Make sure you read these items carefully because they are considered examinable material. Dive Deeper This feature suggests additional reading that will sharpen your understanding and help you stay informed about the financial markets and their regulatory environment. The suggested reading material is not examinable, but if you make a habit of staying informed, you will be seen as competent and trusted participant in the investment industry. Chapter Summaries We close each chapter with a concise summary that helps to reinforce the relationship between the chapter’s material and the learning objectives. The summary may also help you to identify any areas of weakness where you require further study. Review Questions Each chapter has a series of multiple choice review questions that allow you to test your knowledge of the subject. The questions for each chapter are available in the online component of the course. © CANADIAN SECURITIES INSTITUTE CHIEF COMPLIANCE OFFICERS QUALIFYING EXAMINATION Content Overview 1 The Role of Compliance 2 Formal Compliance Structure 3 Canada’s Regulatory Environment and Basic Securities Law 4 Risks Faced by Investment Dealers 5 Leadership 6 Making Ethical Decisions 7 Development of Policies and Procedures 8 Monitoring 9 Opening and Maintaining Accounts 10 Recordkeeping Requirements 11 Client Complaints 12 Registration 13 Trading Desk Supervision 14 Investment Banking 15 Regulatory Investigations 16 Reporting Requirements C Conclusion © CANADIAN SECURITIES INSTITUTE CHIEF COMPLIANCE OFFICERS QUALIFYING EXAMINATION vii Table of Contents SECTION 1 | THE ROLE OF COMPLIANCE AND FORMAL COMPLIANCE STRUCTURE 1 The Role of Compliance 1 3 INTRODUCTION 1 3 COMPLIANCE OVERVIEW 1 4 Internal Responsibilities 1 4 External Stakeholders 1 4 Compliance as a Corporate Governance Issue 1 5 CREATING A CULTURE OF COMPLIANCE 1 6 ROLES OF KEY INTERNAL PLAYERS 1 6 Board of Directors 1 7 Senior Management 1 7 Compliance Department 1 8 Line Managers and Supervisors 1 9 COMPLIANCE DEPARTMENT ORGANIZATION 1 9 Functional Organization of a Compliance Department 1 12 BALANCING REVENUE INTERESTS WITH COMPLIANCE RISKS 1 13 Risks of Noncompliance 1 13 Enforcement Action 1 14 SUMMARY 2 Formal Compliance Structure 2 3 INTRODUCTION 2 3 OVERVIEW OF A FORMAL COMPLIANCE STRUCTURE 2 4 Control Functions at a Dealer Member © CANADIAN SECURITIES INSTITUTE viii CHIEF COMPLIANCE OFFICERS QUALIFYING EXAMINATION 2 6 ROLES AND RESPONSIBILITIES 2 7 Distinction Between Supervisory and Compliance Functions 2 7 The Dealer Member 2 8 Board of Directors 2 8 Management 2 8 Compliance Designations 2 11 Other Designations 2 11 CREATING A SENIOR-LEVEL COMPLIANCE STRUCTURE 2 11 Reporting Requirements 2 12 Audit Committee 2 12 Document Retention 2 12 Combining the UDP and CCO Roles 2 13 Identifying Potential Conflicts of the UDP 2 14 RELATIONSHIPS WITH REGULATORS AND OTHER PARTIES 2 15 Relationships to Line Management, Executive Management 2 15 Promoting the Benefits of Compliance 2 15 Relationships with External Parties 2 16 INTRODUCING BROKER/CARRYING BROKER ARRANGEMENTS 2 16 Types of Introducing Broker/Carrying Broker Arrangements 2 19 Characteristics of a Carrying Broker 2 20 Foreign Affiliates 2 20 Outsourcing Arrangements 2 22 COMPLIANCE GOVERNANCE DOCUMENT 2 22 Content of the Compliance Governance Document 2 23 Reviews and Updates 2 23 Relationship to Policies and Procedures Manual 2 24 SUMMARY 2 25 APPENDIX A © CANADIAN SECURITIES INSTITUTE TABLE OF CONTENTS ix SECTION 2 | CANADA’S REGULATORY ENVIRONMENT AND RISKS FACED BY INVESTMENT DEALERS 3 Canada’s Regulatory Environment and Basic Securities Law 3 3 INTRODUCTION 3 3 OVERVIEW OF THE REGULATORY ENVIRONMENT 3 3 Purpose of Regulation 3 4 Principle-Based Regulation 3 4 KEY LEGISLATION AND PLAYERS IN SECURITIES REGULATION 3 5 The Canadian Investment Regulatory Organization 3 6 Universal Market Integrity Rules 3 6 The Investment Industry Association of Canada 3 6 Canadian Investor Protection Fund 3 7 Provincial Legislation and Agencies 3 9 Corporate Legislation 3 9 Foreign Regulators 3 12 Federal Legislation and Agencies 3 14 THE CRIMINAL CODE OF CANADA 3 14 Principles of Criminal Law 3 14 Offences 3 15 Criminal Process 3 16 Liability Under the Criminal Code 3 16 CIVIL AND COMMON LAW OBLIGATIONS AND LIABILITIES 3 16 Contract Law 3 17 Duty of Care 3 18 Fiduciary Duty 3 20 Duty to Supervise 3 20 Negligence 3 20 Misrepresentation 3 20 Potential Consequences of Civil Litigation 3 21 Potential Defences Against Claims 3 22 SUMMARY © CANADIAN SECURITIES INSTITUTE x CHIEF COMPLIANCE OFFICERS QUALIFYING EXAMINATION 4 Risks Faced by Investment Dealers 4 3 INTRODUCTION 4 3 RISK MANAGEMENT OVERVIEW 4 5 Balancing Compliance and Business 4 5 GENERAL TYPES OF RISK 4 5 Reputational Risk 4 6 External Risk 4 6 Regulatory Risk 4 7 Economic and Political Risk 4 8 Inherent Risk 4 11 Strategic and Tactical Management Risk 4 13 Internal Risk 4 17 Cybersecurity Risk 4 20 A RISK-BASED APPROACH TO COMPLIANCE 4 21 Assessing Risk 4 22 Reducing Risk 4 23 Establishing Checks and Balances 4 23 Using Appropriate Tools and Technology 4 23 Eliminating Unmanageable Risks 4 24 Choosing Between Risks 4 24 RISK-BASED MODELS AND METHODOLOGIES 4 24 CIRO Risk Trend Report 4 25 Industry Compliance Performance 4 26 RISK CONTROLS 4 26 Board, Management, and Staff 4 27 Risk Management Practices 4 27 Business Location Risk Assessments 4 29 BEST PRACTICES IN CREDIT RISK MANAGEMENT 4 30 Performance Incentives and Compensation Programs © CANADIAN SECURITIES INSTITUTE TABLE OF CONTENTS xi 4 31 Litigation and Client Complaints 4 32 Marketing and Sales Practices 4 33 SUMMARY SECTION 3 | CCO SKILL REQUIREMENTS 5 Leadership 5 3 INTRODUCTION 5 3 OVERVIEW OF LEADERSHIP 5 4 Background Experience 5 4 Role Description 5 4 Training 5 5 Regulatory, Industry, and Operational Knowledge 5 5 Leadership 5 5 LEADERSHIP THEORY 5 6 Leadership Approaches 5 8 Leadership Behaviours 5 10 SOFT SKILLS OF LEADERSHIP 5 11 Communication Skills 5 13 Emotional Intelligence 5 13 People Skills 5 14 DEMONSTRATING LEADERSHIP 5 14 Conversations 5 16 Presentations 5 16 Meetings 5 17 Negotiations 5 19 Interviews 5 21 SUMMARY © CANADIAN SECURITIES INSTITUTE xii CHIEF COMPLIANCE OFFICERS QUALIFYING EXAMINATION 6 Making Ethical Decisions 6 3 INTRODUCTION 6 3 OVERVIEW OF ETHICS 6 4 Ethics and Public Trust 6 4 Ethics and Professionalism 6 5 Ethics and Industry Regulations 6 6 Ethics in the Organization 6 7 UNDERSTANDING ETHICAL DILEMMAS 6 7 Right-Versus-Wrong Situations 6 7 Right-Versus-Right Dilemmas 6 8 Conflicts of Interest 6 9 RESOLVING ETHICAL DILEMMAS 6 10 Resolution Principles 6 10 A Framework for Ethical Decision-Making 6 12 Values Underlying Ethical Decision-Making 6 14 SUMMARY 7 Development of Policies and Procedures 7 3 INTRODUCTION 7 3 OVERVIEW OF POLICIES AND PROCEDURES 7 3 Regulatory Requirements for Policies and Procedures 7 4 Distinguishing Policy From Procedure 7 5 DEVELOPING AND AMENDING POLICIES AND PROCEDURES 7 6 WRITING AND FORMATTING POLICIES AND PROCEDURES 7 7 Writing Guidelines 7 8 DISSEMINATING POLICIES AND PROCEDURES 7 8 Reviewing, Revising, and Archiving Policies and Procedures © CANADIAN SECURITIES INSTITUTE TABLE OF CONTENTS xiii 7 9 IMPLEMENTING POLICIES AND PROCEDURES 7 10 Resources 7 11 SUMMARY 8 Monitoring 8 3 INTRODUCTION 8 3 OVERVIEW OF MONITORING AND SURVEILLANCE 8 4 ESTABLISHING MONITORING AND SURVEILLANCE SYSTEMS 8 4 Regulatory Standards 8 5 Internal Controls 8 6 Supervision Versus Compliance Oversight 8 6 Risk-Based Monitoring 8 7 The Concept of Reasonable Assurance 8 9 FORMAL MONITORING TECHNIQUES 8 9 Sampling 8 9 Issue Identification and Review 8 10 Red Flags 8 11 Manual Surveillance 8 11 Systems-Generated Exception Reports 8 11 Inquiry, Research, and Independent Verification 8 11 Follow-Up and Resolution 8 12 Documenting Supervision 8 12 MONITORING A SYSTEM’S EFFECTIVENESS 8 13 Internal and External Examinations 8 13 KEY CONTROL POINTS 8 13 Client Acceptance and Account Approval 8 14 Business Location Supervision 8 15 Retail Activity Monitoring and Surveillance 8 17 Institutional Activity Monitoring and Surveillance 8 18 SUMMARY © CANADIAN SECURITIES INSTITUTE xiv CHIEF COMPLIANCE OFFICERS QUALIFYING EXAMINATION SECTION 4 | APPLICATION OF SKILLS 9 Opening and Maintaining Accounts 9 3 INTRODUCTION 9 3 DOCUMENTATION 9 3 Account Documentation 9 5 Anti-Money Laundering Requirements 9 7 Confirmations and Client Statements 9 7 Portfolio Summaries and Other Non-Official Communications 9 8 Account Performance Reporting for Retail Clients 9 8 Electronic Documents and Signatures 9 8 Advertising, Sales Literature, and Correspondence 9 9 Email, Instant Messaging, and the Internet 9 10 DISCLOSURE AND CONFLICTS OF INTEREST 9 10 Relationship Disclosure for Retail Client Accounts 9 10 Disclosure Statements 9 11 Disclosure of Conflicts 9 13 DEALING WITH ELDERLY AND OTHER VULNERABLE CLIENTS 9 14 Defining the Vulnerable Client 9 14 Compliance and Supervision-Related Issues 9 16 Medical and Law-Related Issues 9 16 EQUITY AND MUTUAL FUND TRADING AND SETTLEMENT 9 16 Equities 9 17 Mutual Funds 9 18 Margin Accounts 9 21 FUNDS AND SECURITIES MOVEMENTS 9 22 Account Transfers 9 23 CAPITAL REQUIREMENTS 9 23 Overdue Cash Accounts 9 24 Acceptable Institutions and Counterparties 9 24 Capital Rules 9 26 The Early Warning System 9 29 PROSPECTUS AND PROSPECTUS-EXEMPT DISTRIBUTIONS 9 29 Prospectus Requirements © CANADIAN SECURITIES INSTITUTE TABLE OF CONTENTS xv 9 29 Prospectus-Exempt Distributions 9 31 Exempt Trade Reports 9 32 Reporting Obligations 9 32 Compliance Concerns Regarding Exempt Issues 9 33 SUMMARY 10 Recordkeeping Requirements 10 3 INTRODUCTION 10 3 GENERAL PROCEDURES REQUIRED FOR RECORDKEEPING 10 3 General Recordkeeping Formats 10 4 REGULATORY RECORDKEEPING REQUIREMENTS 10 4 Requirements of CIRO Rules 10 5 Compliance and Supervision Recordkeeping 10 7 Requirements of the Universal Market Integrity Rules 10 7 Requirements of the Financial Transactions and Reports Analysis Centre of Canada 10 9 Requirements of Privacy Legislation 10 10 Other Recordkeeping Requirements 10 10 RECORD RETENTION AND ACCESSIBILITY 10 12 SUMMARY 11 Client Complaints 11 3 INTRODUCTION 11 3 OVERVIEW OF CLIENT COMPLAINTS 11 3 Types of Complaints 11 4 PREVENTING COMPLAINTS 11 4 Precautionary Measures 11 5 HANDLING COMPLAINTS 11 6 Identifying Complaints 11 6 Designated Complaints Officer 11 6 Complaint Handling Process 11 9 Complaints Analysis © CANADIAN SECURITIES INSTITUTE xvi CHIEF COMPLIANCE OFFICERS QUALIFYING EXAMINATION 11 10 Unresolved Complaints 11 10 ALTERNATIVE DISPUTE RESOLUTION 11 10 Arbitration 11 11 Mediation 11 11 CIVIL LITIGATION 11 12 Demand Letter or Claim 11 12 Privilege 11 16 SUMMARY 12 Registration 12 3 INTRODUCTION 12 3 OVERVIEW OF REGISTRATION 12 4 INDIVIDUAL REGISTRATION & APPROVAL AND RELATED PROFICIENCY REQUIREMENTS 12 4 The Fit-and-Proper Test for Approved Persons 12 5 Proficiency Requirements 12 5 Registration Categories 12 6 Product Approval 12 6 Continuing Education 12 7 Proficiency Exemptions 12 7 Supervisory Functions 12 8 Dual Registration for Securities and Life Insurance 12 8 Alternative Investment Vehicles 12 8 Off-Book Transactions 12 8 Outside Activities 12 9 Financial Planning 12 9 Trade Names 12 9 NATIONAL REGISTRATION DATABASE 12 9 Procedures for Individual Registration 12 11 Cessation of Approved Person Status 12 11 Extended Leave 12 11 Registration After an Absence 12 12 Reporting Changes to Registration Information 12 13 CIRO REGISTRATION HEARING PROCEDURES © CANADIAN SECURITIES INSTITUTE TABLE OF CONTENTS xvii 12 14 JURISDICTIONAL REGISTRATION ISSUES 12 14 Dealing with U.S. Residents 12 16 Dealing with International (Non-U.S.) Clients 12 17 SUMMARY 13 Trading Desk Supervision 13 3 INTRODUCTION 13 3 OVERVIEW OF TRADING DESK SUPERVISION 13 4 Fostering Fair and Efficient Capital Markets and Confidence in Their Integrity 13 5 SECURITIES LEGISLATION 13 6 The Canadian Investment Regulatory Organization 13 7 The Universal Market Integrity Rules 13 7 The Criminal Code of Canada 13 9 SUPERVISION OF TRADING 13 9 Retail Versus Institutional Trading Supervision and Compliance 13 10 Minimum Compliance Procedures 13 10 Gatekeeper Responsibilities 13 11 Employee Personal Trading 13 11 Order Entry and Trading 13 12 Equity Sales and Trading Department: Compliance and Supervision Programs 13 13 Fixed Income Sales and Trading Departments: Compliance and Supervision Programs 13 15 SPECIFIC CONSIDERATIONS IN TRADING SUPERVISION AND COMPLIANCE 13 15 Multiple Marketplaces 13 16 Abusive Trading and Just and Equitable Principles of Trade 13 17 Manipulative or Deceptive Trading 13 18 Improper Orders and Trades 13 21 Best Execution 13 21 Client Priority 13 22 Order Entry and Exposure 13 23 Trading in a Marketplace 13 23 Principal Trading 13 24 Trading Halts, Delays, and Suspensions 13 24 Audit Trail 13 25 Compensation © CANADIAN SECURITIES INSTITUTE xviii CHIEF COMPLIANCE OFFICERS QUALIFYING EXAMINATION 13 25 Other Considerations 13 26 SUMMARY 14 Investment Banking 14 3 INTRODUCTION 14 3 INSTITUTIONAL BUSINESSES 14 3 Institutional Product Lines and Activities 14 3 Institutional Customers 14 4 Minimum Standards for Institutional Account Supervision 14 5 Documenting Supervision 14 5 Employee Personal Trading 14 5 INVESTMENT BANKING 14 6 Underwriting and Syndication 14 6 Information Barriers and Restricted Lists 14 8 Personal Trading Restriction for Investment Bankers 14 8 UNDERWRITING DUE DILIGENCE 14 8 CIRO’s Guidance Respecting Underwriter Due Diligence 14 10 Components of Underwriter Due Diligence 14 15 THE RESEARCH DEPARTMENT 14 16 Specific Requirements for Writing Research 14 17 FINANCIAL ENGINEERING 14 17 Derivatives and Complex Products Compliance and Supervision Program 14 18 New Product Approvals and Know Your Product 14 20 SUMMARY SECTION 5 | REGULATORY INVESTIGATIONS AND REPORTING 15 Regulatory Investigations 15 3 INTRODUCTION 15 3 INTERNAL INVESTIGATIONS 15 4 CIRO Requirements for Internal Investigations © CANADIAN SECURITIES INSTITUTE TABLE OF CONTENTS xix 15 4 Universal Market Integrity Rules Requirements for Internal Investigations 15 5 Internal Investigation Guidelines 15 9 EXTERNAL INVESTIGATIONS 15 9 Investigations by the Securities Regulatory Authorities 15 11 Investigations by Other Legal and Regulatory Authorities 15 14 Market Regulation Investigations by CIRO 15 15 Montreal Exchange/Bourse de Montréal 15 15 Investigations by Police Forces 15 16 Foreign Regulators 15 16 HANDLING EXTERNAL INVESTIGATIONS 15 17 SUMMARY 16 Reporting Requirements 16 3 INTRODUCTION 16 3 OVERVIEW OF REPORTING REQUIREMENTS 16 4 REPORTING TO MANAGEMENT AND THE BOARD OF DIRECTORS 16 4 Management 16 4 Board of Directors 16 9 Ultimate Designated Person 16 9 Frequency of Reporting 16 10 OTHER REPORTING OBLIGATIONS 16 10 Systemic and Trend Analysis 16 12 SUMMARY C Conclusion © CANADIAN SECURITIES INSTITUTE SECTION 1 THE ROLE OF COMPLIANCE AND XXX FORMAL COMPLIANCE STRUCTURE 1 The Role of Compliance 2 Formal Compliance Structure © CANADIAN SECURITIES INSTITUTE The Role of Compliance 1 CONTENT AREAS Compliance Overview Creating a Culture of Compliance Roles of Key Internal Players Compliance Department Organization Balancing Revenue Interests with Compliance Risks LEARNING OBJECTIVES 1 | Describe the role of compliance in the securities industry. 2 | Explain what is meant by a culture of compliance. 3 | Identify the roles of the key internal players in a culture of compliance. 4 | Identify the organizational structure of a typical compliance department. 5 | Discuss the risks of noncompliance. © CANADIAN SECURITIES INSTITUTE CHAPTER 1      THE ROLE OF COMPLIANCE 1 3 INTRODUCTION The securities industry in Canada and globally is characterized by increased regulation and an ever-growing need for high compliance standards. Securities regulators require that investment dealers maintain a permanent and effective compliance function. The objectives of this function are to provide supervision, prevent misconduct, and promote ethical standards. Fulfillment of these objectives is essential to create fair and orderly markets and, ultimately, to foster investor confidence. The term compliance function refers to the staff members who carry out compliance responsibilities; it does not describe a prescribed organizational structure. The regulatory requirements for a compliance structure are flexible, given that each investment dealer is unique, and that business models and products offered vary from one dealer to the next. However, all investment dealers are alike in that compliance should be viewed as an integral part of general business activities, rather than as an isolated activity of the compliance department. Everyone at the investment dealer, including the board of directors (or equivalent), employees, and agents, should therefore understand the standards of conduct that apply to their role, regardless of whether they are registered with or approved by the securities regulators. In this chapter, we discuss the concept of compliance, with particular focus on the need for a culture of compliance within an investment dealer that is a member of the Canadian Investment Regulatory Organization (CIRO). We also examine how the nature of compliance and the roles of key internal players at a dealer member have evolved to meet the current requirements of regulators in the securities industry. The goal of these requirements is to reduce the risk of financial loss, regulatory or civil sanctions, and reputational harm to the firm and the industry. COMPLIANCE OVERVIEW 1 | Describe the role of compliance in the securities industry. The compliance function has evolved over time as business philosophies and the expectations of regulators and customers have changed. Historically, compliance was a reactive process. Its role was to monitor for violations of rules, regulations, and internal policies. Its purpose was to identify potential issues at an early stage, including patterns of improper behaviour or activities, material or systemic weaknesses, and product-specific problems. Once identified, the compliance department would report issues to management, along with their recommendations. Management, in turn, was responsible for resolving problems quickly. Today, compliance is a proactive function with a broadened role. Surveillance is now accompanied by an equally important advisory function, along with day-to-day risk management. Rather than review past transactions to identify violations, as in the past, the emphasis is on developing and implementing a continual culture of compliance. This responsibility includes forecasting trends and creating supervisory platforms based on those forecasts. The expanded responsibilities of the role place increased demands not only on compliance personnel but on every employee of a dealer member. To have an effective compliance department, an investment dealer member of CIRO must have an infrastructure based on dynamic policies and procedures and robust training initiatives, monitoring systems, and advice channels. The firm must also appoint a chief compliance officer (CCO) to oversee the department and manage compliance issues within the firm. The CCO cannot create a compliance culture single-handedly; however, the person in that role must be able to build the framework and provide the leadership required to make it work. The day-to-day work of compliance is generally a function of staff members who continually monitor and assess the firm for compliance with regulatory requirements. They report and advise internally on any concerns, including whether there are appropriate policies and procedures in place to address possible compliance issues. Compliance staff is also responsible for identifying and preventing violations of regulatory requirements by all employees and clients. The dealer member’s compliance function has a significant impact on its culture and ethics. It manages the risk of legal or regulatory sanctions, financial loss, and damage to the firm’s reputation that can result from violations. © CANADIAN SECURITIES INSTITUTE 1 4 CHIEF COMPLIANCE OFFICERS QUALIFYING EXAMINATION      SECTION 1 INTERNAL RESPONSIBILITIES The compliance function performs the following internal activities: Advising day-to-day on rules and regulations Establishing and updating compliance policies and procedures on a regular schedule and when the need arises Monitoring and interpreting regulatory developments Providing mandated training and education Liaising with regulators Promoting and delivering a compliance culture within the firm Taking preventive measures to ensure that employees comply with rules and regulations Enforcing the dealer member’s policy manual and applicable industry rules, and imposing discipline Reviewing business opportunities from a compliance perspective, including new products and markets EXTERNAL STAKEHOLDERS Today’s compliance function must monitor the needs of investors, customers, regulators, auditors, and the public. To a lesser extent, compliance staff must consider the expectations of analysts, rating agencies, partners, peers, and the media. In response to these external stakeholders’ needs, and also as a way to maintain a fair and equitable marketplace, regulators have substantially increased their demands on market participants. Monitoring of external stakeholders’ needs by the compliance function might include any of the following activities, depending on the stakeholder: Maintaining ongoing dialogue with regulator partners such as CIRO, the provincial securities administrators, and the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC) Monitoring industry-specific press coverage, particularly as it relates to other market participants’ regulatory breaches Tracking civil litigation and consumer concerns Monitoring industry-wide developments by participating in continuing education forums Remaining current with regulatory notices, including those issued from other non‑industry-specific bodies (such as the Canadian Radio-television and Telecommunications Commission regarding anti-spam initiatives) Sitting on industry committees Monitoring shareholder expectations through ongoing dialogue and feedback from the board of directors Monitoring consumer expectations by regularly reviewing customer surveys and complaints Maintaining regular, frequent, and sometimes daily contact with senior and line management COMPLIANCE AS A CORPORATE GOVERNANCE ISSUE Risk to reputation is currently one of the largest risks facing financial organizations. For that reason, the focus on more stringent standards of governance remains strong, especially in light of recent financial crises. Heightened standards imposed by regulators on dealer members emphasize transparency, heightened disclosure to clients, accountability, ethical behaviour, enhanced governance, and stronger risk management and compliance capabilities. However, it is evident that mere compliance with laws and regulations is inadequate to protect against this risk; it must be accompanied by compliance with internal governance, ethics, and risk policies. Dealer members should integrate their governance, risk management, and compliance activities to protect themselves from reputational damage. Furthermore, they recommend that these activities be linked to © CANADIAN SECURITIES INSTITUTE CHAPTER 1      THE ROLE OF COMPLIANCE 1 5 organizational performance measures. And, finally, to achieve success, the focus must shift to integrity and compliance as an organizational goal, and not merely a function of the law. Dealer members must establish a culture of compliance by promoting and rewarding compliant behaviour and penalizing behaviour that violates the compliance principles of the organization and the industry. Part of this initiative involves establishing a culture where compliant behaviour is seen as something that is willingly done, rather than something that must be done. EXAMPLE With the recent severe market volatility resulting from the global COVID-19 pandemic, we have seen unprecedented impacts on both client account balances and dealer operations. In these situations, the compliance function of dealer members has been tested by both volatility and clients’ fear for their financial well- being. Mere compliance with industry rules, expectations, and guidance is not enough to protect registrants in such circumstances; individual registrants must also understand why the rules are in place. The mischief they are designed to prevent can sometimes only become apparent in the face of a crisis such as COVID-19. Put another way, dealer members must comply not only with the letter of industry rules, but also with the principles behind them. For example, a dealer member that fails to implement CIRO’s guidance relating to cybersecurity will quickly have realized during the global pandemic that their entire operations were susceptible to heightened attacks that take advantage of systems weakened by a crisis. During the pandemic, problems might arise from poorly thought-out work-from-home arrangements or the use of personal devices on unsecured networks. Dealer members that fail to value the true importance of compliance or to communicate to staff why it is important will suffer during these types of events, and, by extension, so will their clients. CREATING A CULTURE OF COMPLIANCE 2 | Explain what is meant by a culture of compliance. A culture of compliance is difficult to describe precisely. It is generally a culture where everyone acts as they should, but it does not necessarily grow out of rules, policies, and procedures. The culture of an organization is defined by the behaviours it accepts and rewards. CIRO measures the extent to which its dealer members foster a culture of compliance through a process of observation, audits, and reviews. Regulators observe the firms’ activities and evaluate their responses to an enquiry, which includes the following types of questions: How frequently do clients complain of improper business dealings? How many unresolved client complaints exist? How quickly and thoroughly does the firm respond to client complaints? How reliable are reports that complaints have been resolved? Does the firm have a reputation for failing to resolve client or regulatory complaints quickly? Is a firm’s relationship with the regulator consultative or reactive regarding compliance issues? Is compliance a primary concern for the firm, or an afterthought in response to an enquiry? Is compliance a part of the firm’s ongoing training? Are all employees trained in compliance, or only particular employees? How does the firm deal with employees who violate rules and regulations? Are employees who have committed comparable violations treated equally? © CANADIAN SECURITIES INSTITUTE 1 6 CHIEF COMPLIANCE OFFICERS QUALIFYING EXAMINATION      SECTION 1 In an organization with a culture of compliance, employees obey the spirit of the law, not merely the letter of the law. In ambiguous situations, they can be relied on to make ethical and compliant decisions. A dealer member’s success depends on its ability to ingrain a culture of integrity and ethical values. In an organization without such a well-developed culture of compliance, ethical dilemmas are allowed to go unresolved or are resolved in a noncompliant way. Ultimately, the goal of a culture of compliance is to be able to rely on all employees to act in a compliant manner in all situations. When in doubt, employees in a compliant culture understand that escalation to senior management is an appropriate measure. In addition, in the current principles-based approach to regulation, the regulators allow flexibility in the implementation of a compliance system in recognition that the business model of one dealer member is very different than that of another. However, this flexibility can create uncertainty in dealer members where a culture of compliance does not exist. In assessing what is acceptable, employees are more inclined to respond to the behaviour of their firm’s leaders than they are to a code of ethics or set of rules. If a senior manager or director acts unethically, their employees are also likely to act unethically. Conversely, when the firm’s leaders act ethically, reward ethical behaviour, and penalize unethical behaviour, they foster a culture where employees can be relied on to act compliantly. Such a culture is known as “tone at the top.” ROLES OF KEY INTERNAL PLAYERS 3 | Identify the roles of the key internal players in a culture of compliance. Many groups and individuals with distinct interests are involved in the compliance function and in developing the compliance culture of a dealer member. At a minimum, they include the board of directors, senior management, the compliance department, and the line managers and supervisors. The compliance role of each of these groups is described in detail below. BOARD OF DIRECTORS Directors are elected by the shareholders of a firm and are accountable to them for achieving corporate objectives. The board of directors also represents the corporation and establishes the environment in which management and staff undertake corporate objectives. The board is also obligated to act in the best interests of the corporation. Directors are generally not active in the day-to-day operations of a dealer member. Instead, they are responsible for developing strategies to carry the business into the future while managing associated business risks. One of their main objectives is to set strategic goals and identify issues that must be addressed to achieve those goals. Two substantial business risks they must consider are compliance risk and regulatory risk. However, it is not their role to verify that the firm and its staff are in compliance with the relevant requirements. Another of the board’s responsibilities is to establish the firm’s ethical code. No single model of ethics can be prescribed because such codes must address the firm’s particular business. Nevertheless, the conduct of the directors in their activities, both in and outside the firm, becomes part of the firm’s compliance culture and sets an example for employees. A dealer member’s board of directors must act on reports received from the CCO. The board must also establish the firm’s corporate governance structure and integrate it with the risk management and compliance functions. When integration is successful, the firm and its representatives are more likely to comply with rules and regulations than a firm where governance and compliance are at odds. © CANADIAN SECURITIES INSTITUTE CHAPTER 1      THE ROLE OF COMPLIANCE 1 7 SENIOR MANAGEMENT The primary responsibility for developing a firm’s culture of compliance falls on senior management. The CCO is an integral member of this group but without the ongoing support of senior management, it is virtually impossible to establish such a culture within a firm. Under CIRO’s Investment Dealer and Partially Consolidated (IDPC) rules, a member of the firm’s executive management must be appointed as Ultimate Designated Person (UDP). In almost all circumstances, the person designated is the president or chief executive officer of the dealer member. DID YOU KNOW? In 2023, the CSA approved the merger of IIROC and the MFDA into a single self-regulatory organization (SRO) known as CIRO. The new SRO has assumed the regulatory responsibilities of the MFDA and IIROC and will operate under an interim set of rules until a new rule book is developed. The IDPC rules govern investment dealers and dually registered dealers. Mutual fund dealers are governed under the Mutual Fund Dealer rules. In this textbook, we focus on the IDPC rules, which we refer to interchangeably as “CIRO rules.” IIROC guidance remains in effect and will be updated to reflect the new rules. The UDP must oversee the development and implementation of adequate written policies and procedures. Upon their establishment, senior management must make sure that all employees understand their responsibilities. Changes to written policies and procedures should be communicated to staff through compliance memos or regular meetings and supplemented with continuing education programs. It is senior management’s responsibility to communicate such information, but they often delegate the task to the compliance department. Directors and senior management must also establish an ethical climate by showing strong support for the firm’s compliance function, prioritizing compliance goals, and demonstrating compliant behaviour. Only in an environment that promotes such a tone at the top can line managers and employees view the compliance function as a key institutional process. This outlook enables them to work cooperatively to achieve business objectives despite the many challenges posed by the regulatory framework. CIRO rules also require that the firm’s CCO report to the board of directors at least annually on the status of compliance. These requirements help to ensure that the senior management team members accept a critical role in establishing a culture of compliance and that they understand their accountability. Finally, senior management must allocate adequate resources to the compliance department and grant the necessary authority to supervisory personnel so that they can implement and enforce the firm’s policies and procedures. COMPLIANCE DEPARTMENT The role of the compliance department has become increasingly important in recent years. This department plays a central part in implementing and monitoring many regulatory initiatives. Such initiatives include new processes regarding anti-money laundering, client identification, corporate governance, and privacy. Compliance departments also help senior and line managers promote a culture of compliance within firms and oversee staff training on compliance issues. The CCO, as the title suggests, is the head of the compliance department. He or she monitors activities at the firm to ensure that staff members adhere to policies and procedures, that the compliance function is managed effectively, and that regulatory standards are met. The CCO must establish and maintain policies and procedures for assessing compliance by the dealer member, and it must report the results of this assessment to the board of directors at least annually. The CCO must also report all material incidents of noncompliance to the UDP. The CCO’s role can be fulfilled only with the ongoing support of senior management and the board of directors. © CANADIAN SECURITIES INSTITUTE 1 8 CHIEF COMPLIANCE OFFICERS QUALIFYING EXAMINATION      SECTION 1 Under normal circumstances, the compliance department does not have direct authority over line staff, such as sales or trading employees. This limited authority restricts the department’s ability to act when violations are brought to the attention of line managers. However, the role of the compliance department is evolving. At most firms, the compliance department has the power to reverse or restrict transactions that it deems to be in violation of regulatory requirements or that could be perceived as unethical. By assuming responsibility for business decisions in such cases, however, the compliance department may also be assuming regulatory responsibility for its action or inaction. We discuss the organizational structure of a typical compliance department later in this chapter. LINE MANAGERS AND SUPERVISORS The primary objective of line managers and supervisors at a dealer member is to meet specific production goals established by their superiors. Therefore, their focus is often on revenue. However, new regulations highlight the added importance of the compliance culture and function within the firm. Some high-profile compliance failures have shown that violations can be incalculably costly to the violating firm. As a result, line managers and supervisors today are much more likely than in the past to view the compliance department as a valuable resource and a partner to the business. It is critical that line managers and supervisors understand that, although their objectives for revenue are paramount, this revenue cannot be earned or achieved without the compliance department. In the past, compliance has typically been viewed skeptically as anti-business; however, it has always been the case that the opposite is true. Compliance should be viewed as a partner with business because the business would not exist without it. Line managers and supervisors are also increasingly held accountable not only for the revenue-generating activities of their staff, but also for their regulatory lapses. In effect, this accountability is the foundation of a culture of compliance within a dealer member. To reduce the possibility of regulatory action, litigation, and reputational harm, managers and supervisors now stress to their staff the importance of being compliant while continuing to meet revenue objectives. Employees typically look to management for guidance regarding their organization’s culture, and they respond accordingly. In a compliance-focused culture, managers encourage employees to ask compliance-related questions about their firm’s products, services, and business activities. Because not all compliance issues have easy answers, management should provide a forum for their resolution, along with education and training. EXAMPLE A dealer member’s new proprietary investment product has the potential to generate significant revenue. Because it has several underlying and embedded complexities, the firm realizes that, purely from a risk perspective, the product might not be suitable for all clients; many clients may simply have an inappropriate risk tolerance. In addition to the issue of suitability, the proprietary nature of the product is also a concern. Because there are many similar products in the marketplace for clients to choose from, the dealer member must consider compensation conflicts in recommending the product to clients. The good news is that the firm’s product has tangible differences that clearly set it apart from those of industry competitors. A recommendation to purchase it can therefore easily be justified to the client (for reasons other than the fact that the competitor’s product pays lower fees to both the firm and the advisor recommending it). Because of these nuances, management decides to provide employees with opportunities to analyze all risks in an appropriate setting, where they are comfortable addressing them. The firm also ensures that its employees feel no hesitation about approaching the compliance department with any questions. This dialogue will take place during the creation of the product, most likely in front of the dealer member’s product review committee. It is standard practice for these types of concerns to be reviewed and analyzed in advance of a product being made available. © CANADIAN SECURITIES INSTITUTE CHAPTER 1      THE ROLE OF COMPLIANCE 1 9 COMPLIANCE DEPARTMENT ORGANIZATION 4 | Identify the organizational structure of a typical compliance department. No single organizational structure fits all compliance departments, because firms vary in their management structure, business lines, and strategies. Factors such as available technology and staff experience play an important role in determining departmental organizations at each dealer member. Supervisory regulations and best risk management practices for particular lines of business also help in determining departmental structures. EXAMPLE A firm that deals with commodity futures and options requires dedicated resources for the supervision and risk management of its business. Other rules, such as those regarding registrations and anti-money laundering, apply equally to all firms and require similar supervisory resources. Some functions may overlap with other departments and can appropriately be housed in one of those departments. Registrations, for example, could logically be a part of the human resources department, rather than the compliance department. Similarly, technology resources might be a part of the information technology department and still be dedicated to supporting the compliance function. FUNCTIONAL ORGANIZATION OF A COMPLIANCE DEPARTMENT Figure 1.1 shows the organizational chart of a typical compliance department at a full-service investment firm. This chart is a simplified version of what an actual structure would look like; few firms would fit precisely into such a simple structure. The organizational charts that follow illustrate some of the functions that would generally fall under each of the second-level headings in the simplified chart. Figure 1.1 | Compliance Department Chief Compliance Officer Investment Retail Institutional Management Registrations and Funds © CANADIAN SECURITIES INSTITUTE 1 10 CHIEF COMPLIANCE OFFICERS QUALIFYING EXAMINATION      SECTION 1 RETAIL COMPLIANCE Figure 1.2 shows some basic functions of the retail compliance department. Figure 1.2 | Retail Compliance Retail (Advice and No-Advice Channels) Account opening (with specific expertise for different account types) Surveillance Complaint handling and investigations (including regulatory reporting) Anti-money laundering and terrorist financing Retail compliance might include the following additional functions: Developing policies and procedures Providing interpretive advice Providing pre-approval for transactions that require it Approving marketing and surveillance initiatives Overseeing training Reviewing outside activities The number of compliance staff required to fulfill the department’s responsibilities depends on the following factors, among others: An upward or downward shift in business growth may increase or reduce the need for compliance staff. Improvements to information systems can improve efficiency and reduce the need for staff. If the firm operates in multi-jurisdiction locations or in different languages, additional or specialized staff may be required. An alternative method of organizing retail compliance is geographically, with parallel teams responsible for the functional divisions. This structure is depicted in Figure 1.3. © CANADIAN SECURITIES INSTITUTE CHAPTER 1      THE ROLE OF COMPLIANCE 1 11 Figure 1.3 | Retail Compliance Department Organized Geographically Retail (Advice and No-Advice Channels) Western Ontario Québec Atlantic INSTITUTIONAL COMPLIANCE Figure 1.4 shows the functional organization of the compliance department for institutional sales and trading and investment banking. Figure 1.4 | Institutional Compliance Institutional (Sales & Trading and Investment Banking) Account approvals and trade surveillance Research reviews and approvals Firewalls and gatekeeper requirements The institutional sales and trading department and the investment banking department generally have a smaller compliance staff than that required to supervise a full-service advice channel retail business. The reason is that the risk of multiple compliance problems at the institutional level is smaller. However, the potential loss that can result from noncompliance in an institutional business is still significant. Consequently, the level of skill and experience of institutional compliance staff should be high. Some firms, particularly those that trade derivatives and other complex instruments, have dedicated legal staff that works closely with institutional compliance staff. The number of staff required is determined by factors similar to the retail division: volume, nature, and complexity of the business; sophistication of available technology; and the experience and qualifications of existing staff. © CANADIAN SECURITIES INSTITUTE 1 12 CHIEF COMPLIANCE OFFICERS QUALIFYING EXAMINATION      SECTION 1 INVESTMENT MANAGEMENT The organizational chart of the compliance department of an investment firm is illustrated in Figure 1.5. Figure 1.5 | Investment Management Compliance Investment Management and Funds Legal support Trading surveillance Many investment firms have investment management and investment fund subsidiaries, which also require specific expertise. Typically, the staff required to support this type of business is associated with the firm’s legal department, rather than compliance. An organizational chart specific to the registrations unit is not shown, mainly because the number of staff required for this unit depends on the volume and complexity of the business conducted by the firm. BALANCING REVENUE INTERESTS WITH COMPLIANCE RISKS 5 | Discuss the risks of noncompliance. Finding an appropriate balance between revenue generation and compliance risk is a significant challenge for any dealer member. To address it successfully, senior management must consider the types and extent of risk that the firm is prepared to assume in attempting to increase revenues. Most importantly, deciding whether the business wishes to take on additional risk should be done with advice from the compliance department. By communicating a consistent message to all departments regarding such risks, senior management helps to create a successful relationship between compliance and the rest of the firm. With the help of legal advisors, consultation with regulators, and advance rulings, it is easier to minimize compliance risk than other types of risk such as credit or reputational risk. As the compliance department and the business units become familiar with each other’s perspective, their differences are minimized, and the benefits of cooperation are realized. DID YOU KNOW? The compliance department can often identify potential compliance issues at an early stage of product development and suggest solutions to compliance problems. This partnership approach to business development is a hallmark of firms with a strong culture of compliance. Generally, the compliance department aims to minimize risk, whereas the business units aim to generate maximum revenue. However, a dealer member with a strong compliance culture benefits from both objectives, which are never completely at odds with each other. All employees share the common objective of a profitable and compliant business. If a firm finds that revenue cannot be generated without significant risk, the firm should seriously consider whether that revenue stream should be pursued. © CANADIAN SECURITIES INSTITUTE CHAPTER 1      THE ROLE OF COMPLIANCE 1 13 EXAMPLE Leverage strategies and products that are designed to enhance leverage, such as leveraged exchange-traded funds, can be very effective in certain situations. However, because such strategies and products can increase risk, their use must be supported by facts, for both the clients and the dealer member. RISKS OF NONCOMPLIANCE In the highly competitive securities industry, and especially in tough market conditions, dealer members can be tempted to cut costs by reducing non-revenue-generating compliance staff. However, most firms are aware that the risks related to noncompliance are too great to take this hazardous approach to meeting performance goals. DID YOU KNOW? During the market downturn in 2009, IIROC (now CIRO) cautioned its dealer members of their need to maintain an effective supervision and risk management program, despite the need to reduce expenses. They specifically noted that firms should carefully consider the potentially negative impact of reducing the number of employees in compliance and other control function areas. The three general types of violations are categorized by the laws, rules, or policies that they violate: Criminal violations Civil violations Regulatory violations Penalties for noncompliance vary significantly, depending on the type of violation and the costs of correcting the violation’s effects. The consequences of any type of violation can include disciplinary measures (e.g., fines, suspensions, and in some instances, termination), legal expenses, penalties, and the cost of staff response time. Unlike penalties, legal and staff costs must be paid regardless of the outcome of an investigation. A criminal violation can also result in a prison sentence. Considering the direct costs of noncompliance, and the added intangible costs of lost business, adverse media attention, and loss of reputation, the benefits of a culture of compliance are clear. ENFORCEMENT ACTION CIRO may initiate enforcement action against any member of a dealer member’s staff who violates securities laws or the firm’s requirements or who fails to meet their supervisory obligations. Individuals subject to action may include directors, executives, supervisors, the UDP, the CCO, the chief financial officer, and any other Approved Person. In each case, the person’s conduct will be judged against the standard of a reasonably proficient and diligent person holding the same responsibilities. EXAMPLE Compliance officers could face disciplinary action in either of the following cases: When they fail to identify rule violations consistent with the standard of a reasonably proficient and diligent compliance officer When, after identifying a violation, they fail to escalate it in accordance with the firm’s established escalation procedures © CANADIAN SECURITIES INSTITUTE 1 14 CHIEF COMPLIANCE OFFICERS QUALIFYING EXAMINATION      SECTION 1 SUMMARY In this chapter, we discussed the evolving role of compliance at a dealer member in today’s regulatory environment. We focused on the firm-wide mandate of the compliance function and the specific responsibilities of the CCO and other compliance department staff. We discussed that the compliance function encompasses surveillance, advice, reporting, and other risk management activities that are necessary to keep a dealer member compliant with current regulations. You should also know the role of the compliance function in maintaining a fair and equitable marketplace. This role involves monitoring the concerns of external stakeholders and keeping up to date with changes in the industry. We also looked at the various roles of the key internal players at a dealer member and explained how they work together to create a culture of compliance that starts at the top and filters down through the entire organization. A key point to remember is the need to create an appropriate balance between managing compliance risk and generating revenue for the firm. Finally, we briefly discussed the risks of noncompliance – a topic we explore in greater detail in Section 5, Regulatory Investigations and Reporting. In the next chapter, we focus on a formal compliance structure and explain what such a structure looks like at a dealer member. © CANADIAN SECURITIES INSTITUTE Formal Compliance Structure 2 CONTENT AREAS Overview of a Formal Compliance Structure Roles and Responsibilities Creating a Senior-Level Compliance Structure Relationships with Regulators and Other Parties Introducing Broker/Carrying Broker Arrangements Compliance Governance Document LEARNING OBJECTIVES 1 | Discuss the mandate and responsibilities of a compliance department, and distinguish between supervision and compliance. 2 | Describe the role and responsibilities of a chief compliance officer, a board of directors, and other designated persons. 3 | Discuss and differentiate between the components of a senior-level compliance structure. 4 | Describe the chief compliance officer’s role in maintaining relationships with regulators and with internal and external parties. 5 | Describe the four types of introducing broker/carrying broker arrangements under the Canadian Investment Regulatory Organization Rules, and list the responsibilities of the introducing broker and the carrying broker for each type. 6 | Develop a compliance governance document. © CANADIAN SECURITIES INSTITUTE CHAPTER 2      FORMAL COMPLIANCE STRUCTURE 2 3 INTRODUCTION In the previous chapter, we discussed the importance of having a properly working compliance function and department at an investment dealer member of CIRO. We focused particularly on the need for a culture of compliance. We also examined how the nature of compliance and the roles of key internal players at a dealer member have evolved to meet the current expectations of regulators in the securities industry. In this chapter, we discuss the formal compliance structures mandated by securities regulation and those that are less formal but dictated by good business practices. The second type may exceed, but not fall short of, regulatory expectations. They are put in place to reflect the acceptable risk profile mandated by the dealer member. In general, this chapter treats the compliance department as a dedicated resource separate from business operations, with full-time staff under the direction and authority of a full-time chief compliance officer. In some dealer members, particularly smaller firms, compliance is carried out by one or more persons who also have business line responsibilities and possibly other operational responsibilities. OVERVIEW OF A FORMAL COMPLIANCE STRUCTURE 1 | Discuss the mandate and responsibilities of a compliance department, and distinguish between supervision and compliance. A formal compliance structure at a dealer member is made up of a compliance function and a compliance department. As discussed in Chapter 1, the compliance function refers to the various staff members who carry out compliance responsibilities at a dealer member. The compliance department is a business unit whose role is to identify, assess, advise on, act on, communicate, monitor, escalate, and report on the dealer member’s compliance with regulatory requirements. General compliance concepts and certain specific requirements apply equally to all dealer members, but the manner in which they are applied depends on the characteristics of the individual firm. For example, a large, integrated, full-service dealer member typically would have an extensive and complex supervisory and compliance control environment because of the many services and products it offers through various channels. A boutique dealer member specializing in a limited range of product and service offerings would have a considerably different structure, as would an introducing broker that relies on its carrying broker to carry out specified activities. Surveillance and monitoring are seen as the primary functions of the compliance department. However, it is also the department’s role to interpret rules and to address and explain compliance issues. Furthermore, the CCO and the compliance department are only part of an effective compliance risk management structure. The department should operate within formal and informal relationships both inside and outside the firm. DID YOU KNOW? The compliance department, and in particular the CCO, is typically the lead relationship contact with all regulators with authority over the dealer member. When designing a formal compliance structure, CCOs should consider the dealer member’s business, corporate structure, and governance framework, which are designed to meet business objectives. They should then define and document the department’s mandate in the context of the total environment. Ultimately, the most effective compliance structure complies with regulatory and risk management requirements in a way that aligns with business objectives. It is important for firms to design a compliance mandate based on business that is actually carried out. The same holds true for supporting documents such as the policy and procedure manual. A pre-ordained compliance structure that is not based on the business actually carried on by the firm will not support the firm in meeting regulatory and compliance expectations. © CANADIAN SECURITIES INSTITUTE 2 4 CHIEF COMPLIANCE OFFICERS QUALIFYING EXAMINATION      SECTION 1 The terms used and roles played by various departments of a dealer member are not always clear because they vary in the way functional responsibilities are allocated. The term risk management, for example, is used by insurance underwriters, lenders, derivative traders, and compliance officers to mean different things. Similarly, the role of an internal audit department is often confused with the role of the compliance department. Regardless of the differences, however, all departments must be clear about their responsibilities. Dealer members are subject to numerous compliance requirements beyond those imposed by securities regulations. Not all requirements are necessarily the responsibility of the CCO or the compliance department. Non-securities- related requirements include legal and regulatory requirements imposed by employment and corporate statutes, anti-money laundering and terrorist financing regulations, and privacy laws. A firm’s structure and business may impose further obligations. EXAMPLE Client accounts must be handled in accordance with relevant tax regulations overseen by the Canada Revenue Agency. If a dealer member has an agreement with the United States Internal Revenue Service, it must comply with these obligations as a Qualified Intermediary. A dealer member or its parent may also have issued securities to the public and be subject to the obligations of a reporting issuer. The CCO and the compliance department are unlikely to have the necessary expertise or authority to address such issues. A dealer member and its CCO should agree on the CCO’s legal and regulatory responsibilities across the firm. A less-than-explicit statement of a CCO’s mandate can lead to compliance gaps when unanticipated problems arise. A regulator may hold the compliance department or CCO responsible for a compliance failure if responsibility has not been assigned elsewhere. Typically, the CCO’s mandate is stated in his or her job description but it should also be specified in public or firm-facing documentation so that other departments and business units understand the mandate of the compliance department. Each dealer member must assign specific responsibilities to the CCO, and either the board of directors or the UDP should see to it that all other compliance responsibilities are assigned elsewhere. All requirements should be documented, including expectations as well as responsibilities. For example, it should be made clear that the CCO is expected to provide advice when requested and to identify control vulnerabilities within the firm, even those that are not his or her direct responsibility. CONTROL FUNCTIONS AT A DEALER MEMBER Certain securities regulatory functions may be performed by the compliance department or may be assigned to other areas. Typical compliance department functions include the following activities: Developing and maintaining compliance policies and procedures, which typically are published and updated in the dealer member’s policy and procedure manual Monitoring and surveillance (including supervision of Tier 2 trading and onsite business location reviews) Conducting certain pre-clearance and approval activities Providing compliance training, education, awareness, and support Dealing with regulatory examinations, inquiries, and issues Monitoring, participating in, and providing advice on regulatory developments Handling complaints Conducting internal reviews and investigations Maintaining regulatory relationships Reporting internally on compliance matters to management and the board of directors © CANADIAN SECURITIES INSTITUTE CHAPTER 2      FORMAL COMPLIANCE STRUCTURE 2 5 Reporting externally on compliance matters to regulatory authorities Managing registration-related issues Other control functions mandated by securities regulations or other authorities are described below. FINANCE AND ACCOUNTING CIRO requires that dealer members appoint a chief financial officer (CFO) who is typically responsible for managing the firm’s financial and accounting functions. Responsibilities include the maintenance and monitoring of the firm’s capital position as required by regulations. The CFO also oversees activities that are integral to the firm’s business activities, such as budgeting, expenditure controls, and cash management. The regulatory framework does not explicitly distinguish the CFO’s area of accountability from the CCO’s, although accepted industry practice usually draws a distinction between financial compliance and business conduct compliance. However, some operational areas fit equally well under the compliance monitoring of either the CCO or the CFO. Therefore, it is important that the dealer member delineates between the responsibilities of the two positions. CREDIT The credit area of a dealer member typically establishes margin policies and rates to the extent that the firm uses rates lower than those mandated by regulation. It also monitors and enforces firm and client adherence to credit policies and related matters, such as those related to sell-outs and the issuance of margin calls, accounts that are under-margined, and accounts that are in a debit position. AUDIT Dealer members must have periodic external audits of their financial statements and specific financial, operational and control procedures. Larger dealer members may also have an internal audit function that reviews the firm’s risk management, reporting, and control environment. Typically, internal audit departments are aligned with finance departments with a direct reporting link to the audit committee of the board of directors. An audit department might also audit a compliance department, conduct its own business locations audits, or participate in sales compliance audits led by a compliance department. REGISTRATION Most dealer members have a specialist group that handles various firm and individual registration applications, changes, renewals, terminations, and related filings required under securities regulations. This function may exist under the compliance department or the legal department, or it may be a stand-alone department, depending on the complexity of the dealer member’s business model. LEGAL The need for specialist legal resources varies significantly between dealer members, depending on the nature of their business and size. In addition, the CCO may sometimes have a legal background. Legal services are usually required when drafting standard-form client documents and agreements, providing advice on the legal aspects of new products, services and business initiatives, and during litigation and other legal processes. Firms may rely on external counsel or hire internal counsel, either within the compliance department or through a separate general counsel or legal department. If a lawyer within a compliance department (including a CCO who is also a lawyer) provides legal advice to the dealer member, such services must be clearly distinguished from compliance activities. This distinction is necessary to avoid confusion as to whether the advice is being provided by a lawyer or by the CCO. The distinction also preserves the legal privilege of materials, which protects a client’s dealings with a legal advisor from being disclosed without the client’s permission. © CANADIAN SECURITIES INSTITUTE 2 6 CHIEF COMPLIANCE OFFICERS QUALIFYING EXAMINATION      SECTION 1 Although not required, the legal department is often set up as a separate function from the compliance department for this reason. In such cases, the compliance department operates as a client department, similar to all other departments. In this manner, when required, the compliance department can seek legal advice from the law department and be afforded similar privilege and confidentiality protections that clients typically enjoy. CORPORATE SECRETARY The corporate secretary is responsible for official documents, such as the official seal, records of shares issued, the dealer member’s corporate minute book, and minutes of all board or committee meetings. The secretary usually supports the firm’s governance by organizing meetings, compiling and distributing meeting materials, making sure that certain required resolutions are submitted to the board of directors, and similar administrative functions. This person may also be responsible for filings required by corporate law. RISK MANAGEMENT AND INSURANCE The risk management function is noteworthy because securities regulations impose specific fidelity bond and mail coverage requirements. Risk management is also a key element of the dealer member’s control environment as it relates to trading and credit exposure. Some or all of these responsibilities may be integrated within the compliance department, or the compliance department may form part of these functional areas. Regardless of the structure adopted, the dealer member’s overall compliance framework should delineate the relevant responsibilities. The CCO should act to ensure that internal reporting and communication lines are coordinated so that information is shared between compliance and other departments. The cyclical nature of the investment industry often leads to reductions or increases in staff as the market shifts. CIRO expects its dealer members to maintain effective compliance programs in all market conditions. The firm may have some flexibility in determining the compliance structure, but it must always have adequate staff and resources to meet compliance and control functions. This consideration is particularly important in the context of restructuring. EXAMPLE In many dealer members, various other departments are aligned with the compliance function and share compliance responsibilities. For example, the following three departments share some degree of responsibility: The finance department is generally responsible for ensuring adherence to regulatory capital rules. Interaction with compliance on issues relating to capital is inevitable. The credit department is responsible for the timely settlement of securities trades and for monitoring the use of margin. Many private client compliance problems are complicated by credit issues. Larger dealer members have internal audit departments that conduct audits of head office departments and business locations to assist in ensuring compliance with the internal control standards of the industry. These audits often overlap with sales compliance audits conducted by the compliance department. ROLES AND RESPONSIBILITIES 2 | Describe the role and responsibilities of a chief compliance officer, a board of directors, and other designated persons. CIRO’s IDPC rules set out the dealer member’s obligation to supervise its business and operations and establish a system of controls designed to provide reasonable assurance that the dealer member and its employees are complying with CIRO requirements. Further obligations are imposed by the Universal Market Integrity Rules © CANADIAN SECURITIES INSTITUTE CHAPTER 2      FORMAL COMPLIANCE STRUCTURE 2 7 (UMIR) and by other securities regulatory authorities. These regulatory requirements provide a framework for a dealer member’s formal compliance structure that encompasses the roles, responsibilities, and relationships of the compliance department. Within this framework, the dealer member must create, maintain, and apply written policies and procedures that establish a system of controls and supervision. As part of this system, it must also establish a mechanism to ensure that all registrants are capable of complying with applicable CIRO requirements. This mechanism will typically take the form of ongoing and current training for registrants to support their understanding and awareness of regulatory obligations. DIVE DEEPER IDPC Rule section 3901 (2) states: Appropriate supervision of all aspects of a Dealer Member’s business and operations is a fundamental responsibility of the Dealer Member. The Dealer Member’s policies and procedures that specifically address its supervision system must remain up to date at all times, based on current CIRO requirements and applicable laws. Complete requirements in this regard can be found on CIRO’s website. DISTINCTION BETWEEN SUPERVISORY AND COMPLIANCE FUNCTIONS The supervisory function is very similar, but not identical, to the compliance function. CIRO distinguishes between supervision and compliance as follows: Compliance staff identifies issues and typically refers them to the appropriate supervisor for resolution. Supervisors resolve issues after they have been identified. The supervisor is generally part of the business unit in which the compliance issue occurred. The logic of this arrangement is that the business unit is best able to supervise its own activities. Compliance operates at arm’s length from the business unit and relies on sampling and other techniques to identify compliance issues. It does not normally review every transaction. DIVE DEEPER CIRO guidance further articulates the nuances that distinguish the two functions. See Guidance Note 1400-21-002, The Role of Compliance and Supervision. This Guidance Note relates to Rule 3900, Supervision, and to Rule 1400, Standards of Conduct. For complete requirements see www.CIRO.ca CIRO permits dealer members to combine compliance and supervision. For example, compliance officers may be assigned responsibility for approving new accounts, which is a supervisory responsibility that requires registration. In determining whether a person has supervisory responsibility, CIRO looks at the person’s responsibilities, authority, and functions, and any documentation describing the person’s responsibilities and authority. We examine these roles and responsibilities below. THE DEALER MEMBER Each dealer member must establish, implement, communicate, and maintain effective programs to ensure compliance with applicable rules and regulations. It must also appoint as many supervisors as necessary to properly supervise the business of the firm. Finally, the compliance and supervisory regime must take into account the scope and complexity of the firm’s business. © CANADIAN SECURITIES INSTITUTE 2 8 CHIEF COMPLIANCE OFFICERS QUALIFYING EXAMINATION      SECTION 1 BOARD OF DIRECTORS Under IDPC Rule section 3915, the CCO must report to the board of directors (or its equivalent) about the status of compliance at the dealer member. Reporting must occur as often as necessary, typically on a quarterly basis, but at least annually. The very detailed reports should provide a status report on the state of compliance matters within the firm. The board is required to review the reports and, if any compliance deficiencies are noted, it must decide what actions are necessary to rectify them. It must then make sure that the actions deemed necessary are carried out. The responsibilities of the board in relation to trading are detailed in UMIR under Part 1 Responsibility for Supervision and Compliance of Policy 7.1 Trading Supervision Obligations. This provision restates the dealer member’s obligation to supervise the actions of its employees, directors, and officers to ensure that trading is carried out in accordance with regulatory requirements. The applicable sections of Policy 7.1 read as follows: An effective supervision system requires a strong overall commitment on the part of the Participant, through its Board of Directors, to develop and implement a clearly defined set of policies and procedures that are reasonably designed to prevent and detect violations of Requirements. The Board of Directors of a Participant is responsible for the overall stewardship of the firm with a specific responsibility to supervise the management of the firm. On an ongoing basis, the Board of Directors must ensure that the principal risks for noncompliance with Requirements have been identified and that appropriate supervision and compliance procedures to manage those risks have been implemented. Management and the Board of Directors must ensure that the compliance department is adequately funded, staffed and empowered to fulfill these responsibilities. In performing the trading supervision obligations, the Participant will act as a “gatekeeper” to help prevent and detect violations of applicable Requirements. MANAGEMENT Each dealer member management team is responsible for supervising and directing the activities of the dealer member, as well as the individuals within the dealer member, to ensure compliance with the rules governing those activities within their management responsibility. COMPLIANCE DESIGNATIONS A number of formal compliance designations are required, some of which depend on the types of business conducted by the dealer member. Some designations may require specific registration approval by a regulatory authority; others are assigned by the firm. The firm must maintain particulars of the persons who have accountability. Key designated persons include the positions described below, among others. ULTIMATE DESIGNATED PERSON CIRO requires that each dealer member have only one person approved in the category of UDP. It also requires that the designated UDP be the chief executive officer (CEO) or a person who acts in a similar capacity. The CCO is permitted to also serve as the UDP, but this arrangement typically occurs only in smaller firms. It is more likely that investment in compliance will be treated as a high priority when the business head is appointed to the position of UDP. The UDP is responsible for the conduct of the dealer member and the supervision of its employees. The UDP is also responsible for developing and implementing policies and procedures that adequately reflect the regulatory requirements of the firm. © CANADIAN SECURITIES INSTITUTE CHAPTER 2      FORMAL COMPLIANCE STRUCTURE 2 9 CHIEF COMPLIANCE OFFICER The dealer member must appoint a CCO, which is an integral position in the firm’s executive management team. Certain functions and activities are assigned to the CCO by regulation, and responsibilities are further defined by the firm’s organizational structure. See Exhibit 2.1 below. The person in this role must implement compliance systems and establish and maintain policies and procedures for assessing compliance by the firm and by persons acting on its behalf. The CCO is also responsible for monitoring and assessing compliance with all of the firm’s requirements and applicable rules. Regardless of the role of the CCO at any given dealer member, the function should interact with business areas across the organization. The CCO must have access to the UDP and the board of directors (or equivalent) when the CCO considers it necessary or advisable in view of his or her responsibilities. Exhibit 2.1 | Excerpt from IDPC Rule section 3912, Responsibilities of the Chief Compliance Officer The Chief Compliance Officer must: 1. Establish and maintain policies and procedures to assess compliance by the Dealer Member and individuals acting on its behalf with CIRO requirements and securities laws; 2. Monitor and assess compliance by the Dealer Member, and individuals acting on its behalf, with CIRO requirements and securities laws; and 3. Report to the Ultimate Designated Person as soon as possible if there is any indication that the Dealer Member or any individual acting on its behalf may be in noncompliance with CIRO requirements or securities laws and (A) the noncompliance creates a reasonable risk of harm to a client; (B) the noncompliance creates a reasonable risk of harm to the capital markets; or (C) the noncompliance is part of a pattern of noncompliance. DESIGNATED SUPERVISORS CIRO requires that a dealer member appoint as many supervisors as necessary to properly supervise its various lines of business. CIRO requires designated supervisors to be responsible for functions including: Opening new accounts and supervising account activity Supervising options and futures accounts Pre-approving advertising, sales and literature, and correspondence materials An individual may be designated as a supervisor in more than one category. For example, a supervisor at a business location may be the designated supervisor for account openings, options accounts, and certain types of marketing and advertising. ACCOUNTS SUPERVISOR Dealer members must appoint one or more supervisors who are responsible for approving the opening of new accounts and for establishing and maintaining procedures relating to the supervision of accounts and account activity. CIRO rules permit a hierarchy for the approval of new accounts and supervision of ongoing account activity. These responsibilities are shared by a few persons in a small dealer member; larger firms with more locations may require a more elaborate supervisory structure. The CCO typically assesses wh

Use Quizgecko on...
Browser
Browser