Answer: Most registered firms are aware of the obligation to maintain records to demonstrate compliance with securities laws and anti-money laundering requirements and have policies and procedures to address these requirements. For example, National Instrument 31-103 Registration Requirements, Exemptions and Ongoing Registrant Obligations requires a registered firm to keep a record that it is required to keep under securities legislation for 7 years from the date the record is created, in a safe location and in a durable form and in a manner that permits it to be provided to the regulator in a reasonable period of time. FINTRAC regulations generally require registrants to maintain records for at least 5 years. However, once the statutory retention periods have been met, should a firm destroy the documents? What are the implications if a firm wants to retain documentation for longer periods? There are a number of considerations that are relevant to document retention and destruction including the nature of the document, applicable regulatory retention requirements, privacy law considerations (generally, personal information must not be retained longer than necessary), the firm’s operating needs and potential or actual litigation. Firms may wish to give some thought to their processes for destroying physical documents including whether electronic copies will be maintained, the method of destruction (taking care to safeguard personal and confidential information) and maintaining a record of the date and manner of destruction. AUM Law is pleased to assist firms with developing policies and procedures to address matters of records retention and destruction.
April 29, 2022
You just got a formal request from the Ontario Securities Commission (OSC) that they would like to come by for a visit, accompanied by a request for all the inner workings of your firm, what do you do?! First, respond. Second, get ready, any regulatory review will be much smoother if you are prepared. Below are a few frequently asked questions we receive from firms.
Question: Why Me? Why is the OSC Targeting Our Firm?
Answer: The OSC is required to review each registered firm on a regular basis. With more than 1000 registered firms, it is impossible to review all firms each year. To narrow their focus, one technique employed by the OSC is to send out risk assessment questionnaires (RAQ) to the industry, and firms are then risk ranked based on their responses. Selections are then made from each registration category. Registrants can also be subject to a targeted review or “sweep”, specific to an issue/trend in the industry. Over the last three years the OSC has focused their sweeps on issues such as the following: seniors/vulnerable investors, crypto currency use, continuous disclosures, marketing/sales practices, and derivatives use. Registrants could also be selected due to a complaint received, a referral from another regulatory body, or randomly.
Question: What Do They Typically Ask For and Do During a Compliance Review?
Answer: The OSC will send a written notice to the CCO requesting the firm’s Books and Records (lists per registration category are posted on the OSC website), for a specified period. The OSC will schedule a kick-off meeting with senior management. A typical OSC review can take six weeks to conclude (especially if the firm has branch offices) but in our experience can go on for even longer depending on the complexity of the organization. During the review the OSC will want to interview senior management and key employees, assess the firm’s compliance systems, disclosures, internal controls, marketing materials, and all policies and procedures, as well as any outstanding deficiencies noted during a previous review.
Question: What Happens After the Review?
Answer: Once the OSC has completed the assessment portion of the review, they will schedule an exit interview with senior management to go over their preliminary findings. The OSC typically takes about three to five weeks to send their final written report. If they have identified significant deficiencies during their review, they will inform the firm immediately. There will usually be a deficiency report advising the firm of the deficiencies that have to be addressed, and the time within which the firm must either correct and/or correct and send proof of the required changes. If the deficiency is significant (i.e. a material breach of securities law) then OSC staff can take stricter action, such as impose terms and conditions on the firm’s registration or activities, refer the matter to the Enforcement Branch, or even suspend or revoke the registration of the firm or impacted individual.
Question: What Are the Top Deficiencies Identified by the OSC?
While each audit and audit results are unique, firms that require some remediation of their compliance activities could expect at least some of the following deficiencies to be noted on an audit report:
Compliance Systems and Supervision
- Out of date, or inadequate compliance manuals/policies and procedures;
- Inadequate disclosures, no or insufficient internal mechanisms to report and address conflicts of interest;
- Misleading or inaccurate statements in marketing materials and inappropriate sales practices, or materials lacking appropriate approvals from management; and
- Insufficient oversight over service providers.
Registration and Business Operations
- Inadequate monitoring for insider trading and early warning reporting (e.g. with respect to personal trading monitoring); and
- Client confusion regarding services provided by the firm and services provided by a referral agent.
Know Your Client (KYC), Know Your Product (KYP) & Suitability
- Missing or inadequate collection and documentation of KYC information and financial circumstances resulting in the inability to truly assess suitability;
- Missing proof that client is an accredited investor to qualify for the accredited investor prospectus exemption (if applicable);
- Missing or incomplete Investment Policy Statement (IPS) or Investment Management Agreement (IMA) or an incomplete suitability assessment;
- Missing or inadequate relationship disclosure information (RDI); and
- Missing or inadequate disclosure to clients in respect of referral arrangements.
AUM Law has extensive experience helping firms prepare for and respond to regulatory audits. Please contact your usual lawyer at AUM Law for more information.
April 29, 2022
Answer: As set out in National Instrument 31-103 Registration Requirements, Exemptions and Ongoing Registrant Obligations (31-103), as a registrant you are now required to follow all the new KYC and suitability requirements. Section 13.3(2) of NI 31-103 provides, among other things, that a registrant must take reasonable steps to ensure it has sufficient information about its clients regarding certain factors to enable it to meet its suitability determination, including the client’s personal and financial circumstances, and the client’s investment needs, objectives, investment knowledge, risk profile and investment time horizon. In addition, Section 13.2(4) of NI 31-103 specifically provides that you must “take reasonable steps” to keep the KYC information current, including updating the information within a reasonable time after becoming aware of a significant change in the client’s information that you have in your files.
As noted in the CSA’s FAQs on the Client Focused Reforms, CSA staff have stated that they expect registrants to schedule KYC updates in accordance with the triggers set out in Section 13.2 (4.1). CSA staff specifically note that as a registrant, you must use your professional judgement, when interacting with clients, to determine if you need to ask about any significant changes to the client’s circumstances and then update the KYC information accordingly. With respect to how often you need to reach out to clients (assuming they do not reach out to you to let you know of a significant change), the expectation is that you will periodically confirm with clients that the information you have is current. One suggestion provided is that you consider having more frequent interactions at set intervals; again, all depending on your relationships and mandate with your clients. In all cases, your policies and procedures must demonstrate that you have taken reasonable steps to keep KYC information up to date. Your firm must also provide training to all registered individuals on compliance with securities legislation, including the KYC obligations.
March 31, 2022
Answer: Registered firms sometimes ask us if they can provide account statements and reports on a household basis to families where multiple family members are clients of the firm. According to regulatory guidance, the answer is a qualified yes, but… registered firms may choose to provide supplementary reporting at the household level to clients that request it, but only if they also separately provide account-level reporting. This means that registered firms are permitted to provide account statements and cost and performance reports on a household basis to clients that want it, but only as additional reports to account-level statements and reports for each individual in the household.
February 28, 2022
Answer: Registered firms sometimes ask us if they can provide account statements and reports on a household basis to families where multiple family members are clients of the firm. According to regulatory guidance, the answer is a qualified yes, but… registered firms may choose to provide supplementary reporting at the household level to clients that request it, but only if they also separately provide account-level reporting. This means that registered firms are permitted to provide account statements and cost and performance reports on a household basis to clients that want it, but only as additional reports to account-level statements and reports for each individual client in the household.
February 28, 2022
Answer: The regulatory guidance on this topic is similar to the answer above; registered firms can perform a suitability determination at a household level, but only if they also separately make an account-level suitability determination. In other words, the household-level suitability determination must be supplemental to the account-level determinations.
From a compliance perspective, before registered firms can perform supplementary suitability determinations at the household level:
- the household members should have sufficient alignment of investment objectives to benefit from a household account suitability assessment,
- each individual who is not a minor within the household should be fully informed of the purpose of a household suitability determination and how it differs from account-level suitability determinations, and
- each individual who is not a minor within the household should agree to the household suitability determination.
These and many more topics are covered in the CSA’s Client Focused Reforms FAQs.
February 28, 2022
Answer: While a firm is not required to approve securities that are held in an account as a result of a client-directed trade if they do not otherwise make those securities available to clients, the firm is required to: (a) inform the client of the basis for the firm’s determination that the trade is not suitable for the client, (b) recommend to the client an alternative action that would be suitable for the client, and (c) receive recorded confirmation of the client’s instruction to proceed with the trade despite the determination that has been made by the firm.
In respect to suitability, the Canadian Securities Administrators (CSA) have stated that all securities in a client’s account are subject to the registrant’s obligation to make a suitability determination, including required periodic suitability determinations. This is subject to a permitted client’s ability to waive suitability. Otherwise, a firm cannot get an explicit acknowledgement in writing in respect of a client-directed trade that the investment will not be considered to be part of the account and will not be part of any suitability assessment.
In respect to the know-your-product obligation, the CSA have stated that they expect registrants to take reasonable steps to assess and understand securities that form part of an account as a result of a client-directed trade, within a reasonable time after the trade, and, specifically with respect to registered individuals, that they will have an understanding of all securities held in a client’s account, including those that are held as a result of a client-directed trade in order to make the required periodic suitability determination. The CSA have acknowledged that the depth of the understanding required may vary depending on the nature of the securities, the client’s circumstances and investment objectives, and the relationship between the client and the registrant. Lastly, it should be noted that even where a permitted client has waived suitability, the CSA have provided that they still expect firms and their registered individuals to have an understanding of the securities in those situations.
September 30, 2021
Answer: While some are breathing a (small) sigh of relief as the deadline for complying with the conflict-of-interest provisions of the Client Focused Reforms has passed, it is time to consider how prepared your firm is for the next phase of the CFR amendments, coming into effect on December 31, 2021.
Some questions to ask yourself include whether:
- Any employee titles need to be changed to comply with the misleading communication requirements;
- Your firm’s current KYP policies and procedures have been documented appropriately;
- You have formalized a system to monitor the securities products on your firm’s shelf as part of the new KYP obligations;
- Your firm’s suitability determination policies and procedures have been updated to the new standard;
- Your KYC forms are compliant with the new standard (and the requirement to get the information for a trusted contact person!);
- Your Relationship Disclosure Information (RDI) contains all the required new information;
- You have a plan / deadline to provide your clients with updated RDI;
- Your Compliance Manual will include all the new policies and procedures relating to the CFRs; and
- You have scheduled employee training on the new KYC, KYP and suitability determination obligations.
We know it’s a long list, but it does not need to be an overwhelming one. AUM Law would be pleased to assist you with any or all of the above, please reach out to your usual AUM lawyer to discuss further.
August 31, 2021
Answer: Canadian securities laws require that a registered firm manage material conflicts of interest in the best interests of its clients. The Canadian Securities Administrators have provided guidance that paid referral arrangements are an inherent conflict of interest which, in their experience, are almost always material. While much of the guidance then focuses on out-bound referral arrangements (a registered firm referring a client to a third-party in exchange for a referral fee), we believe the guidance can equally apply to an in-bound referral arrangement (a third-party, such as a wealth planner, referring a client to a registered PM). In order to manage this conflict of interest, in addition to compliant client disclosure, the registered firm should have procedures in place to verify that the proposed referral arrangement will serve its clients’ best interests. These procedures can include a due diligence review of the referrer’s reputation and level of service, and confirmation that the referrer: (i) is qualified to render its services and is not subject to any civil actions or regulatory or professional disciplinary matters, and (ii) does not hold itself out as providing services that it is not registered to provide. The registered firm must also of course determine that its services are suitable for the client. Importantly, the CSA have also provided that If a client pays more for the same, or substantially similar, products or services as a result of a referral arrangement, they will not consider the inherent conflict of interest to have been addressed in the best interest of the client.
June 30, 2021
Answer: GIPS standards are a recognized standard for calculating and presenting investment performance around the world. While Canadian securities laws do not require a firm to comply with GIPS standards, a firm may wish to do so in order, for example, to demonstrate a commitment to adhere to global best practices. Verification of compliance with GIPS standards by a qualified third-party is recommended as it provides comfort and reduces the risk of making an incorrect claim. That being said, external, third-party verification is not strictly required for a firm to claim compliance with GIPS standards. A firm can self-certify that it complies with GIPS standards and annually notify CFA Institute of its claim by June 30th in order to be included in CFA Institute’s List of Organizations Claiming Compliance with GIPS standards. CFA Institute does not represent or verify that the firms included on the list meet the GIPS standards or engage in the review, enforcement, or quality control of such firms.
June 30, 2021
Answer: As of July 1, 2021, the OSC will have regulatory oversight over the distribution of NQSMIs to persons that are not permitted clients. Firms distributing NQSMIs to investors that are not permitted clients will need to rely on another available prospectus exemption and will need to be registered as an exempt market dealer (EMD) or engage the services of a third-party EMD (or rely on an available exemption). FSRA will retain regulatory oversight over the distribution of NQSMIs to permitted clients (although there is no prohibition on EMDs distributing NQSMIs to permitted clients under the OSC’s regime).
FSRA requires the filing of a quarterly report containing certain data about each NQSMI with permitted clients. Firms that distribute NQSMIs in reliance on the “accredited investor” prospectus exemption or the “offering memorandum” prospectus exemption will need to file a report of exempt distribution with the OSC (and any other applicable securities regulators) within 10 days of the distribution. Issuers relying on the “offering memorandum” prospectus exemption will need to comply with certain supplemental disclosure obligations and will also need to prepare audited financial statements. Although there are no prescribed disclosure requirements for issuers relying on the “accredited investor” prospectus exemption, be aware that presentations and marketing materials could fall within the broad definition of “offering memorandum” which exposes the issuer to potential liability for misrepresentation and triggers the need to include a summary of applicable damages and rescission rights and to file a copy of the materials with the OSC within 10 days of the distribution.
EMDs distributing NQSMIs must comply with know-your-client, know-your-product and suitability obligations as well as conflicts of interest and client relationship disclosure. While the OSC does not require prescribed forms, the OSC expects registrants to perform a meaningful suitability assessment and to appropriately document that assessment. If you have any questions about the changes to the treatment of NQSMIs, please contact your usual lawyer at AUM Law.
June 30, 2021
Answer: Registrants are often asked by their clients, as trusted advisors, to act as their trustee under family trusts, executors under their will or as powers of attorney. The potential issue with accepting any of these roles for a registrant is that they may present a material conflict of interest. For instance, if a client is deceased and the advisor takes on the role of the executor of the estate, he or she will be required to review the registrant’s work and decide if the investments are still appropriate, and potentially whether the executor should even keep the assets with the advisor or the advisor’s firm. The conflict becomes most obvious if the registrant is responsible for reviewing his or her own work.
While the CSA chose not to explicitly prohibit such relationships in the Client Focused Reforms, personal financial dealings are referenced in certain IIROC and MFDA rules. For example, in IIROC rule 3115. Personal financial dealings, there is a prohibition on acting as a power of attorney, trustee, executor or otherwise having full or partial control or authority over the financial affairs of a client except in limited circumstances, such as when the client is a related person as defined in the Income Tax Act (Canada) and control is exercised in accordance with firm policies and procedures, or in the case of certain control granted in a discretionary account. The CSA is also of the view that a registrant having full control or authority over the financial affairs of a client may create a material conflict of interest. So, if a firm is not going to avoid this conflict, it should create a specific procedure to ensure that these conflicts are identified and are addressed in the client’s best interest. For example, specific pre-approval from the CCO could be obtained, based on a justification of why such activity would be in the best interests of the client in the specific instance, and procedures to manage the potential conflict such as having the individual advisor recuse himself or herself on matters involving the appointment of an investment manager could be implemented, where possible.
We understand that simply being appointed an executor in a will does not currently amount to a disclosable OBA in Form 31-103F4, and will only become disclosable once a registrant steps into that role and is vested with the powers of the office of an executor. We believe the same logic could apply to other powers of attorney as well, depending on the type of powers granted.
May 31, 2021
Answer: While it may be considered industry standard to conduct ongoing monitoring annually, FINTRAC allows registrants to determine the frequency with which a registrant will monitor its clients’ accounts. Accordingly, every firm should have policies and procedures that reflect what they have determined to be a reasonable process for conducting ongoing monitoring. In general, the frequency of ongoing monitoring will depend on the types of services provided to the clients, the type of relationship the firm has with its clients, and the risk level of the clients.
Of course, FINTRAC rules can not be viewed in isolation, and registrant firms must also consider the requirements set out in the Client Focused Reforms Amendments to NI 31-103 and Companion Policy 31-103CP (CFR Amendments) relating to know-your-client (KYC) information which come into force at the end of the year. For managed accounts, a review should occur at least every 12 months; if the registrant is an exempt market dealer (EMD), the review should occur within 12 months before making a trade for, or recommending a trade to, the client. In any other case, reviews are expected to occur no less frequently than once every 36 months.
For any high-risk client, FINTRAC would expect monthly or quarterly monitoring, as well as the close monitoring of all of that client’s transactions.
We recommend that firms make explicit note of the fact that AML information was considered as part of the client’s information update. For more specific guidance regarding what other information should be collected from clients as part of the AML ongoing monitoring requirements, please do not hesitate to contact us.
May 31, 2021
Answer: When considering an investment in a reporting issuer, we often get questions on whether the early warning reporting (EWR) requirements apply and whether a report is required under National Instrument 62-104 Take-Over Bids and Issuer Bids or National Instrument 62-103 The Early Warning System and Related Take-Over Bid and Insider Reporting Issues (NI 62-103). Typically, a purchaser must promptly issue a news release and file an early warning report in the prescribed form within two business days of a purchase exceeding the thresholds. However, NI 62-103, in certain instances, may allow a portfolio manager to rely on the alternative monthly reporting (AMR) regime to report the beneficial ownership of, or control or direction over, voting or equity securities (or convertible securities) of the reporting issuer in question within 10 days of each month-end in which a report is required to be made. A separate insider report may also be required to be filed on SEDI under applicable securities regulations with respect to such investment in the reporting issuer unless an exemption is available. In addition to the early warning and insider reports, a portfolio manager should also consider other rules, including whether consent for a purchase of securities would be required under National Instrument 31-103 Registration Requirements, Exemptions and Ongoing Registrant Obligations (NI 31-103). For example, NI 31-103 prohibits a registered adviser from causing an investment portfolio it manages (including an investment fund) to purchase a security of an issuer in which a responsible person (as defined in NI 31-103) is a partner, officer or director unless the written consent of the client (which means the unitholders of a fund if the client is a fund) is obtained before the purchase.
There are also other conflict of interest issues to consider in these instances. For example, where the purchase in question is by an investment fund, particularly of larger positions, portfolio managers should consider whether such transaction would be prohibited by conflict of interest rules such as those found in subsection.111(2) of the Securities Act (Ontario). This provision prohibits an investment fund from making an investment in any person or company in which the fund, alone or together with one or more related investment funds, is a substantial security holder (generally, beneficial ownership of voting securities to which are attached more than 20% of the voting rights attached to all of the issuer’s voting securities). The calculation to determine whether the issuer owns 20% or more of a reporting issuer is different for the purposes of s.111 of the OSA and or the purposes of the EWR and AMR regime in NI 62-103.
These rules require careful consideration and can be complex, including with respect to determining a person’s ownership percentage of securities of a reporting issuer. If you have any questions with respect to these requirements, please do not hesitate to contact us.
February 26, 2021
Answer: The FATCA and CRS provisions of the Income Tax Act (Canada) (the “ITA”) and the guidance issued by the Canada Revenue Agency (CRA) in connection with those provisions addresses the application of the FATCA and CRS due diligence and reporting requirements in circumstances where there are multiple financial institutions involved in a particular financial account. Generally, where an account is maintained by two financial institutions, each of which would have FATCA and CRS due diligence and reporting requirements, the parties can enter into arrangements to allocate the FATCA and CRS obligations applicable to the account amongst them in order to alleviate duplicate reporting. So, the answer is … yes!
If units of a fund are held in client name, both the fund and the dealer involved in the distribution have FATCA and CRS obligations with respect to the account. In general, the CRA expects dealers to perform the due diligence and account classification and funds to report on the accounts, unless a fund has been advised by a dealer that the dealer will take responsibility for its own reporting. While the ITA and CRA guidance sets out some default arrangements, financial institutions can enter into written agreements to allocate the responsibilities based on their circumstances. It is advisable to retain records of such arrangements in order to demonstrate compliance with FATCA and CRS obligations.
With respect to custodians, the CRA generally expects the financial institution with the most immediate relationship with the client to be best positioned to understand the client’s tax status (i.e. conduct the due diligence), however it is appreciated that custodians may be in a better position to provide reporting. The CRA expects a suitable arrangement to include one where the investment manager performs the due diligence and communicates the account classification to the custodial institution for reporting by the custodian to the CRA.
January 29, 2021