Category: FAQs

FAQ Corner: What Are a Registrant’s Know-Your-Product and Suitability Obligations in Respect of a Client-Directed Trade?

Answer: While a firm is not required to approve securities that are held in an account as a result of a client-directed trade if they do not otherwise make those securities available to clients, the firm is required to: (a) inform the client of the basis for the firm’s determination that the trade is not suitable for the client, (b) recommend to the client an alternative action that would be suitable for the client, and (c) receive recorded confirmation of the client’s instruction to proceed with the trade despite the determination that has been made by the firm.

In respect to suitability, the Canadian Securities Administrators (CSA) have stated that all securities in a client’s account are subject to the registrant’s obligation to make a suitability determination, including required periodic suitability determinations. This is subject to a permitted client’s ability to waive suitability. Otherwise, a firm cannot get an explicit acknowledgement in writing in respect of a client-directed trade that the investment will not be considered to be part of the account and will not be part of any suitability assessment.

In respect to the know-your-product obligation, the CSA have stated that they expect registrants to take reasonable steps to assess and understand securities that form part of an account as a result of a client-directed trade, within a reasonable time after the trade, and, specifically with respect to registered individuals, that they will have an understanding of all securities held in a client’s account, including those that are held as a result of a client-directed trade in order to make the required periodic suitability determination. The CSA have acknowledged that the depth of the understanding required may vary depending on the nature of the securities, the client’s circumstances and investment objectives, and the relationship between the client and the registrant. Lastly, it should be noted that even where a permitted client has waived suitability, the CSA have provided that they still expect firms and their registered individuals to have an understanding of the securities in those situations.

September 30, 2021

FAQ Corner: What’s Next for the CFRs? CFR Phase II Checklist

Answer: While some are breathing a (small) sigh of relief as the deadline for complying with the conflict-of-interest provisions of the Client Focused Reforms has passed, it is time to consider how prepared your firm is for the next phase of the CFR amendments, coming into effect on December 31, 2021.

Some questions to ask yourself include whether:

  • Any employee titles need to be changed to comply with the misleading communication requirements;
  • Your firm’s current KYP policies and procedures have been documented appropriately;
  • You have formalized a system to monitor the securities products on your firm’s shelf as part of the new KYP obligations;
  • Your firm’s suitability determination policies and procedures have been updated to the new standard;
  • Your KYC forms are compliant with the new standard (and the requirement to get the information for a trusted contact person!);
  • Your Relationship Disclosure Information (RDI) contains all the required new information;
  • You have a plan / deadline to provide your clients with updated RDI;
  • Your Compliance Manual will include all the new policies and procedures relating to the CFRs; and
  • You have scheduled employee training on the new KYC, KYP and suitability determination obligations.

We know it’s a long list, but it does not need to be an overwhelming one. AUM Law would be pleased to assist you with any or all of the above, please reach out to your usual AUM lawyer to discuss further.

August 31, 2021

FAQ Corner: What Procedures are Required Before My Firm Can Accept Referred Business from a Third-Party?

Answer: Canadian securities laws require that a registered firm manage material conflicts of interest in the best interests of its clients. The Canadian Securities Administrators have provided guidance that paid referral arrangements are an inherent conflict of interest which, in their experience, are almost always material. While much of the guidance then focuses on out-bound referral arrangements (a registered firm referring a client to a third-party in exchange for a referral fee), we believe the guidance can equally apply to an in-bound referral arrangement (a third-party, such as a wealth planner, referring a client to a registered PM). In order to manage this conflict of interest, in addition to compliant client disclosure, the registered firm should have procedures in place to verify that the proposed referral arrangement will serve its clients’ best interests. These procedures can include a due diligence review of the referrer’s reputation and level of service, and confirmation that the referrer: (i) is qualified to render its services and is not subject to any civil actions or regulatory or professional disciplinary matters, and (ii) does not hold itself out as providing services that it is not registered to provide. The registered firm must also of course determine that its services are suitable for the client. Importantly, the CSA have also provided that If a client pays more for the same, or substantially similar, products or services as a result of a referral arrangement, they will not consider the inherent conflict of interest to have been addressed in the best interest of the client.

June 30, 2021

FAQ Corner: Does Claiming Compliance with GIPS Standards Require Third-Party Verification?

Answer: GIPS standards are a recognized standard for calculating and presenting investment performance around the world. While Canadian securities laws do not require a firm to comply with GIPS standards, a firm may wish to do so in order, for example, to demonstrate a commitment to adhere to global best practices. Verification of compliance with GIPS standards by a qualified third-party is recommended as it provides comfort and reduces the risk of making an incorrect claim. That being said, external, third-party verification is not strictly required for a firm to claim compliance with GIPS standards. A firm can self-certify that it complies with GIPS standards and annually notify CFA Institute of its claim by June 30th in order to be included in CFA Institute’s List of Organizations Claiming Compliance with GIPS standards. CFA Institute does not represent or verify that the firms included on the list meet the GIPS standards or engage in the review, enforcement, or quality control of such firms.

June 30, 2021

FAQ Corner: Now that Joint Oversight Over Distributions of Non-Qualified Syndicated Mortgage Investments (NQSMIs) by FSRA and the OSC is Underway, What Should Firms Operating in this Space Keep in Mind?

Answer: As of July 1, 2021, the OSC will have regulatory oversight over the distribution of NQSMIs to persons that are not permitted clients. Firms distributing NQSMIs to investors that are not permitted clients will need to rely on another available prospectus exemption and will need to be registered as an exempt market dealer (EMD) or engage the services of a third-party EMD (or rely on an available exemption). FSRA will retain regulatory oversight over the distribution of NQSMIs to permitted clients (although there is no prohibition on EMDs distributing NQSMIs to permitted clients under the OSC’s regime).

FSRA requires the filing of a quarterly report containing certain data about each NQSMI with permitted clients. Firms that distribute NQSMIs in reliance on the “accredited investor” prospectus exemption or the “offering memorandum” prospectus exemption will need to file a report of exempt distribution with the OSC (and any other applicable securities regulators) within 10 days of the distribution. Issuers relying on the “offering memorandum” prospectus exemption will need to comply with certain supplemental disclosure obligations and will also need to prepare audited financial statements. Although there are no prescribed disclosure requirements for issuers relying on the “accredited investor” prospectus exemption, be aware that presentations and marketing materials could fall within the broad definition of “offering memorandum” which exposes the issuer to potential liability for misrepresentation and triggers the need to include a summary of applicable damages and rescission rights and to file a copy of the materials with the OSC within 10 days of the distribution.

EMDs distributing NQSMIs must comply with know-your-client, know-your-product and suitability obligations as well as conflicts of interest and client relationship disclosure. While the OSC does not require prescribed forms, the OSC expects registrants to perform a meaningful suitability assessment and to appropriately document that assessment. If you have any questions about the changes to the treatment of NQSMIs, please contact your usual lawyer at AUM Law.

June 30, 2021

Can a Registrant Act as a Trustee, Executor, or Under a POA for a Client? When Are Such Activities Reportable as an OBA?

Answer: Registrants are often asked by their clients, as trusted advisors, to act as their trustee under family trusts, executors under their will or as powers of attorney. The potential issue with accepting any of these roles for a registrant is that they may present a material conflict of interest. For instance, if a client is deceased and the advisor takes on the role of the executor of the estate, he or she will be required to review the registrant’s work and decide if the investments are still appropriate, and potentially whether the executor should even keep the assets with the advisor or the advisor’s firm. The conflict becomes most obvious if the registrant is responsible for reviewing his or her own work.

While the CSA chose not to explicitly prohibit such relationships in the Client Focused Reforms, personal financial dealings are referenced in certain IIROC and MFDA rules. For example, in IIROC rule 3115. Personal financial dealings, there is a prohibition on acting as a power of attorney, trustee, executor or otherwise having full or partial control or authority over the financial affairs of a client except in limited circumstances, such as when the client is a related person as defined in the Income Tax Act (Canada) and control is exercised in accordance with firm policies and procedures, or in the case of certain control granted in a discretionary account. The CSA is also of the view that a registrant having full control or authority over the financial affairs of a client may create a material conflict of interest. So, if a firm is not going to avoid this conflict, it should create a specific procedure to ensure that these conflicts are identified and are addressed in the client’s best interest. For example, specific pre-approval from the CCO could be obtained, based on a justification of why such activity would be in the best interests of the client in the specific instance, and procedures to manage the potential conflict such as having the individual advisor recuse himself or herself on matters involving the appointment of an investment manager could be implemented, where possible.

We understand that simply being appointed an executor in a will does not currently amount to a disclosable OBA in Form 31-103F4, and will only become disclosable once a registrant steps into that role and is vested with the powers of the office of an executor. We believe the same logic could apply to other powers of attorney as well, depending on the type of powers granted.

May 31, 2021

How Often Should a Registered Firm Conduct Ongoing Monitoring of Their Clients’ Accounts for the Purposes of Complying with Their Anti-Money Laundering (AML) Requirements?

Answer: While it may be considered industry standard to conduct ongoing monitoring annually, FINTRAC allows registrants to determine the frequency with which a registrant will monitor its clients’ accounts. Accordingly, every firm should have policies and procedures that reflect what they have determined to be a reasonable process for conducting ongoing monitoring. In general, the frequency of ongoing monitoring will depend on the types of services provided to the clients, the type of relationship the firm has with its clients, and the risk level of the clients.

Of course, FINTRAC rules can not be viewed in isolation, and registrant firms must also consider the requirements set out in the Client Focused Reforms Amendments to NI 31-103 and Companion Policy 31-103CP (CFR Amendments) relating to know-your-client (KYC) information which come into force at the end of the year. For managed accounts, a review should occur at least every 12 months; if the registrant is an exempt market dealer (EMD), the review should occur within 12 months before making a trade for, or recommending a trade to, the client.  In any other case, reviews are expected to occur no less frequently than once every 36 months.

For any high-risk client, FINTRAC would expect monthly or quarterly monitoring, as well as the close monitoring of all of that client’s transactions.

We recommend that firms make explicit note of the fact that AML information was considered as part of the client’s information update. For more specific guidance regarding what other information should be collected from clients as part of the AML ongoing monitoring requirements, please do not hesitate to contact us.

May 31, 2021

FAQ Corner: Are there other regulations for a portfolio manager to think about when determining whether the early warning reporting rules apply to the purchase of securities of a reporting issuer?

Answer: When considering an investment in a reporting issuer, we often get questions on whether the early warning reporting (EWR) requirements apply and whether a report is required under National Instrument 62-104 Take-Over Bids and Issuer Bids or National Instrument 62-103 The Early Warning System and Related Take-Over Bid and Insider Reporting Issues (NI 62-103). Typically, a purchaser must promptly issue a news release and file an early warning report in the prescribed form within two business days of a purchase exceeding the thresholds. However, NI 62-103, in certain instances, may allow a portfolio manager to rely on the alternative monthly reporting (AMR) regime to report the beneficial ownership of, or control or direction over, voting or equity securities (or convertible securities) of the reporting issuer in question within 10 days of each month-end in which a report is required to be made. A separate insider report may also be required to be filed on SEDI under applicable securities regulations with respect to such investment in the reporting issuer unless an exemption is available. In addition to the early warning and insider reports, a portfolio manager should also consider other rules, including whether consent for a purchase of securities would be required under National Instrument 31-103 Registration Requirements, Exemptions and Ongoing Registrant Obligations (NI 31-103). For example, NI 31-103 prohibits a registered adviser from causing an investment portfolio it manages (including an investment fund) to purchase a security of an issuer in which a responsible person (as defined in NI 31-103) is a partner, officer or director unless the written consent of the client (which means the unitholders of a fund if the client is a fund) is obtained before the purchase.

There are also other conflict of interest issues to consider in these instances. For example, where the purchase in question is by an investment fund, particularly of larger positions, portfolio managers should consider whether such transaction would be prohibited by conflict of interest rules such as those found in subsection.111(2) of the Securities Act (Ontario). This provision prohibits an investment fund from making an investment in any person or company in which the fund, alone or together with one or more related investment funds, is a substantial security holder (generally, beneficial ownership of voting securities to which are attached more than 20% of the voting rights attached to all of the issuer’s voting securities). The calculation to determine whether the issuer owns 20% or more of a reporting issuer is different for the purposes of s.111 of the OSA and or the purposes of the EWR and AMR regime in NI 62-103.

These rules require careful consideration and can be complex, including with respect to determining a person’s ownership percentage of securities of a reporting issuer. If you have any questions with respect to these requirements, please do not hesitate to contact us.

February 26, 2021

FAQ Corner: Can a portfolio manager or investment fund that is subject to FATCA/CRS due diligence and reporting obligations rely on a dealer or third-party custodian to conduct these activities on its behalf?

Answer: The FATCA and CRS provisions of the Income Tax Act (Canada) (the “ITA”) and the guidance issued by the Canada Revenue Agency (CRA) in connection with those provisions addresses the application of the FATCA and CRS due diligence and reporting requirements in circumstances where there are multiple financial institutions involved in a particular financial account. Generally, where an account is maintained by two financial institutions, each of which would have FATCA and CRS due diligence and reporting requirements, the parties can enter into arrangements to allocate the FATCA and CRS obligations applicable to the account amongst them in order to alleviate duplicate reporting. So, the answer is … yes!

If units of a fund are held in client name, both the fund and the dealer involved in the distribution have FATCA and CRS obligations with respect to the account. In general, the CRA expects dealers to perform the due diligence and account classification and funds to report on the accounts, unless a fund has been advised by a dealer that the dealer will take responsibility for its own reporting. While the ITA and CRA guidance sets out some default arrangements, financial institutions can enter into written agreements to allocate the responsibilities based on their circumstances. It is advisable to retain records of such arrangements in order to demonstrate compliance with FATCA and CRS obligations.

With respect to custodians, the CRA generally expects the financial institution with the most immediate relationship with the client to be best positioned to understand the client’s tax status (i.e. conduct the due diligence), however it is appreciated that custodians may be in a better position to provide reporting. The CRA expects a suitable arrangement to include one where the investment manager performs the due diligence and communicates the account classification to the custodial institution for reporting by the custodian to the CRA.

January 29, 2021

FAQ Corner: Does a pooled fund that invests in an underlying fund require a custodian for the securities of the underlying fund?

Answer: In June 2018, amendments to the custody requirements in NI 31-103 came into force (the “Custody Amendments”). The Custody Amendments include an exception from the requirement to retain a qualified custodian for securities that are recorded on the books of the security’s issuer, or the transfer agent of the security’s issuer, only in the name of the client or investment fund (the “Exception”). We are of the view that in many circumstances, a top fund can rely on the Exception such that a custodian is not required simply to hold the units of an underlying fund held by the top fund as long as the units are recorded on the books of the underlying fund in the name of the top fund. These units are typically maintained in book-based form. However, there is no exemption for the portfolio securities held by the underlying fund, which generally must be held by a qualified custodian that complies with the requirements of NI 31-103.

Prior to the Custody Amendments, it was common for fund-on-fund relief orders to include a representation that the assets of the top fund would be held by a custodian that meets the requirements of NI 81-102. Such a condition may generally be superseded by the Exception, provided that there is no other reason a custodian at the top fund level would be required.

January 29, 2021

Do registered individuals (and applicants for registration) have to disclose offenses they have been charged with, if the matter hasn’t been adjudicated yet?

Item 14.1 of Form 33-109F4 Registration of Individuals and Review of Permitted Individuals (Form 33-109F4) requires individual applicants to indicate whether there are any outstanding or stayed charges against them alleging that a criminal offense was committed. Once an individual is registered or approved, subsection 4.1(1) of National Instrument 33-109 Registration Information (NI 33-109) requires them to disclose to the regulator within ten days any change in the information previously submitted in respect of Item 14 – Criminal Disclosure on their Form 33-109F4.

Even though Form 33-109F4 makes it clear that criminal charges must be disclosed, some people might be embarrassed or otherwise reluctant to disclose such facts in the hope that no one will notice, especially if they think there is a good chance that the charge ultimately will be dismissed. There is no shortage of case law, however, indicating that this “stick your head in the sand” approach is very risky.

For example, in the recent Director’s decision Re Tams published by the Ontario Securities Commission (OSC), the Director agreed with staff’s recommendation not to re-activate an individual’s registration as a mutual fund dealing representative due to concerns about his integrity. As part of OSC staff’s routine criminal records check, they learned that while the applicant was registered with another firm, he had failed to disclose to the OSC that he had been charged with an impaired driving offense under the Criminal Code. Later, he quadrupled down on that non-disclosure by failing to disclose the outstanding charge to the OSC or his sponsoring firm when he applied for registration as a mutual fund dealing representative at that other firm, failing to respond to OSC staff’s inquiries about the non-disclosure, and making false statements to staff during a voluntary interview to consider his registration.

Even though the applicant was ultimately acquitted for the criminal charge, OSC staff and the Director viewed his pattern of withholding information as problematic. In the decision, the Director refers to CSA Staff Notice 33-320 The Requirement for True and Complete Applications for Registration (SN 33-320), which stresses the importance of applicants for registration being willing and able to complete the application form for registration with candour.

AUM Law has extensive experience assisting individuals and their sponsoring firms with applications for registration, preparing updates to Form 33-109F4, training staff on their obligations to update this form when circumstances change, and engaging with regulators to address any concerns that might arise regarding an individual’s fitness for registration. Please do not hesitate to contact us if you have questions about the application or update process.

July 31, 2020

How does a registered firm’s UDP certify their firm’s 2020 RAQ responses if the UDP doesn’t have online access to the survey?

As we mentioned in our May 2020 bulletin, Ontario-registered firms must submit online their 2020 Risk Assessment Questionnaire (RAQ) responses and supplementary COVID-19 survey responses to the Ontario Securities Commission (OSC) by August 6. The OSC introduced additional security measures this year for the RAQ process, including a requirement that each firm’s chief compliance officer (CCO) register and create an online account before accessing the firm’s 2020 RAQ.

Since many people are working remotely, it might not be possible for the firm’s ultimate designated person (UDP) to access their firm’s 2020 RAQ responses online and provide the required certification. OSC staff, therefore, sent an email in mid-July to UDPs describing the steps that they and the CCO should take in such circumstances. In particular:

  • The UDP should certify the firm’s 2020 RAQ by sending an email to the ComplianceSurvey@osc.gov.on.ca and copy the CCO on this email.
  • The email must include the specific language set out in the email that the firm’s CCO should have received from the OSC in mid-July.
  • The CCO must copy that same email into the Final Overall Feedback section at the end of each section of the 2020 RAQ.

If you have any questions about the certification process described above or want us to review your draft responses to the 2020 RAQ or COVID-19 Survey, please contact us as soon as possible, so that we help you get your responses submitted by the August 6 deadline.

July 31, 2020

May an associate advising representative work remotely or in a one-person branch office?

National Instrument 31-103 Registration Requirements, Exemptions and Ongoing Registrant Obligations (NI 31-103) prohibits an associate advising representative (AAR) from advising on securities unless that advice has been pre-approved by an advising representative (AR) designated by the firm to review that AAR’s advice.

There is no requirement for an AAR and the AR reviewing that AAR’s advice to work “side by side” in the same office. However, there are potentially greater compliance risks associated with having them work from separate locations, such as in the current environment where many people are working remotely from home. For example, the AR and AAR might be working somewhat different hours as they juggle professional and family responsibilities, and clients concerned about market volatility might be calling them at all hours for reassurance. These factors can make it more challenging for the AR to pre-clear the AAR’s advice to the client. Maintaining organized client files including documentation of the AR’s pre-approval of the AAR’s advice can also be more difficult when people are accessing files remotely.

Nevertheless, it is critical for the firm to have and maintain adequate controls and supervision to ensure compliance with the pre-clearance rule described above. The firm also should document how it has considered and addressed the risks that arise from the AAR and AR working from separate locations, as well as documenting on an ongoing basis the AR’s review and pre-approval of any advice to be provided by the AAR.

The COVID-19 pandemic continues to present regulatory challenges for firms as they operate in this “new normal”. AUM Law is helping clients assess whether their existing policies, procedures and controls address the emerging risks and we can help you too. Please do not hesitate to contact us.

May 29, 2020

Can Our Firm Use Electronic Signatures for Subscription Documents, Investment Management Agreements and Similar Agreements with the Firm’s Clients?

With so many registered firms operating remotely and avoiding in-person meetings with potential clients wherever possible during the COVID-19 pandemic, the question has arisen again whether electronic signatures (e-signatures) are acceptable for various agreements with the firm’s clients. The answer depends on several factors:

  • What the law says: In Canada, all the provinces and territories except Québec have adopted legislation based on the Uniform Electronic Commerce Act (UCEA), which provides, in effect, that a contract, record or signature will not be unenforceable solely because it is electronic. (Québec’s legislation incorporates many of the same principles but doesn’t follow the UCEA model.) There are some provincial variations in the legislation, with some provinces having stricter requirements regarding, for example, the type of e-signature that is acceptable. For contracts governed by Ontario law, the Electronic Commerce Act (Ontario) (OECA) provides that an e-signature is acceptable if it is reliable for purposes of identifying the person signing the document and the association of the e-signature with the relevant document is reliable.
  • What the parties to the contract agree to: The UCEA and similar legislation facilitate electronic contracts and e-signatures but do not require them. The parties to a contract can agree to a different arrangement. Therefore, registrants that, to date, haven’t been using e-signatures in particular contracts should check that the contract in question provides for the contract to be in electronic form and signed with e-signatures.
  • The contract’s subject matter: Certain categories of contracts, such as negotiable instruments, some types of real estate agreements and some types of powers of attorney, may require a “wet ink” signature (although some of these restrictions have been relaxed during the pandemic). In Ontario, there is no prohibition on subscription agreements, investment management agreements and similar client relationship agreements using e-signatures.
  • What the firm’s articles, by-laws, policies and procedures say: The registered firm should confirm that its articles, by-laws, policies and procedures do not restrict the use of e-signatures and determine if any particular form of e-signature is required. Although such restrictions are rare, it is important to verify that neither the registered firm nor any client that is an entity is subject to any restrictions on the proposed form of e-signature to be used, especially when a change in firm practice is being considered.

Of course, firms should maintain fully signed and complete electronic contracts just as they would for paper contracts with wet signatures, and they should have a contract execution policy that expressly provides for electronic contracts and e-signatures. It’s also especially important these days, when so many people are working remotely, to organize the firm’s executed contracts so that they can be easily found.

If you have any questions about whether an e-signature is acceptable for a particular type of contract or wish to update your policies and procedures to provide for electronic contracts and e-signatures, please do not hesitate to contact us.

April 30, 2020

You’ve Activated Your Business Continuity Plan. What’s Next?

In light of the COVID-19 outbreak, many registered firms are implementing their business continuity plans (BCPs) and having their employees work from home, except where certain individuals need to access office facilities to ensure continued service to clients. In this article, we’ll address some issues for registered firms to consider in the short and medium term while operating in such conditions. We emphasize that firms and regulators are facing an unprecedented and constantly changing situation, and so our initial views on the issues below may change as circumstances evolve and regulators issue new or updated guidance or rules.

If my firm is covered by an “essential service” exemption from a government order to close businesses, why not carry on as usual from our office? Workplaces can contribute to the spread of the virus that causes COVID-19, and so a firm needs to evaluate the occupational health and safety, public health and litigation risks of having employees work from its offices or meet physically with clients, etc. The Government of Canada has published Risk-Informed Decision-Making Guidelines for workplaces and businesses during the pandemic. If you need legal advice on employment or occupational health and safety matters, AUM Law can source, evaluate and help you retain appropriate counsel and then manage the provision of that advice so that you can focus on running your business. From a securities regulatory compliance perspective, we think that a registered firm that requires all or most of its employees to work onsite instead of working from home could attract scrutiny from securities regulators due to concerns that the firm’s BCP is not functioning effectively.

Should my firm contact the securities regulator because we have activated our BCP? Activating your BCP does not, in itself, trigger an obligation to notify the Ontario Securities Commission (OSC). If, however, your firm finds that it might not be able to meet one or more of its regulatory obligations on a timely basis because of the pandemic, then that might trigger a filing obligation and we encourage you to speak to your usual lawyer at AUM Law as soon as possible. (See also our article in this bulletin on the blanket orders issued by members of the Canadian Securities Administrators (CSA) extending certain filing deadlines for registrants, investment funds and others.) We can advise you on your options and liaise with regulators on your behalf.

Do the home offices of registered individuals need to be approved as branch offices? Technically, having registered employees work from a location other than the address indicated on their Form 33-109F4 (Form F4), could be viewed as requiring an updated filing and/or approval of new “branch offices”. However, in light of the recent government orders and recommendations requiring or asking people to stay at home as much as practicable, we believe that at least in the short term, it is unlikely that OSC staff will expect registered firms to update Form F4s or seek approval for branch offices, provided that registered individuals are not meeting with clients in their homes or bringing home physical files that contain sensitive client information.

Cross-training: Are there functions at your firm that only one or two employees know how to perform? If you haven’t done so lately, we encourage you to review and update your list of key tasks and deadlines and the individuals responsible for performing those tasks. Identify a back-up person for each task and deadline (or group of related tasks and deadlines) and, if necessary, train that back-up person.

BCP considerations for “one-registrant” firms: If a registered firm has only one registered individual (One-Registrant Firm) to serve clients, we encourage the firm to have a plan to address a scenario where that individual is absent or incapacitated for weeks or months. We recommend that One-Registrant Firms, at a minimum, prepare standing instructions for the firm’s administrative staff and legal representatives to follow if the registered individual is absent or incapacitated for more than a brief period. Such firms also might wish to explore the feasibility of negotiating, in advance, a formal agreement with another registered firm (Temporary Successor). Such an arrangement could be a reciprocal one between two One-Registrant Firms seeking to address the same business continuity issue. Under such an agreement, the Temporary Successor would step into the shoes of the registered individual, for certain purposes, if that individual was unable to perform their duties for more than a brief period. The purpose of the agreement would only be to communicate with service providers and clients as the clients decide how best to address their account assets.

Technology risks including cyber-security and privacy risks: The rapid shift to remote work arrangements has resulted in some issues arising with respect to technology slowdowns, disruptions and hacking. Some firms are deploying new software or devices (including virtual meeting systems) that employees are having to become familiar with quickly, and many employees are dealing with the challenge of handling matters discreetly with family members or roommates present. There also are reports of some public, virtual meetings and conferences conducted over Zoom and similar systems being hacked. Finally, some employees are experiencing anxiety and confusion because of the pandemic. All these circumstances increase the risks of inadvertent cyber-security failures and opportunities for hacking. Maintaining robust cyber-security policies and procedures, adapting them as needed to address emerging or changing risks, reminding employees of the need to take precautions, and monitoring employees’ compliance with such policies and procedures are essential actions at this time both from a regulatory compliance and litigation risk perspective.

Communications with clients: Pandemic conditions and their knock-on effects in financial markets may result in a significant increase in customer call volumes or online account usage. Registered firms should review their BCPs and assess the effectiveness of their systems and processes to handle this level of increased activity. If your firm is experiencing difficulty serving customers in a timely way, please contact us to discuss measures you should undertake (including communication strategies) to address the situation. (On a related subject, please see our FAQ in this bulletin focused on ensuring that you’ve got current know-your-client (KYC) information for clients whose life situations may be changing dramatically.)

Supervision, compliance and internal controls during the new “work from home” normal: As we all adjust over the next month or so to the “new normal” of working remotely as much as practicable for an unknown period of time, we think that regulators will begin expecting to see registered firms consider whether they need to adapt their policies, procedures and controls to address any new or magnified regulatory compliance risks. AUM Law can help you assess whether  your existing supervisory system, compliance manual, procedures and internal controls should be revised to ensure compliance while many employees are operating from remote locations.

We can help: At AUM Law, we are experienced in reviewing BCPs from a regulatory compliance perspective. We can draft or update your BCP to ensure that it addresses a scenario like this one. Please don’t hesitate to contact us.

March 31, 2020