Alert:
Compliance Responsibilities
This Notice is being issued to outline the expectations of the MFDA with respect to the development and operation of an effective compliance function.
The Role of the Member and Its Officers
Under MFDA Rule 2.5.1, each Member is responsible for establishing, implementing and maintaining policies and procedures to ensure that its business is handled in accordance with the Forms, By-laws, Rules and Policies of the MFDA and with other applicable securities legislation. The duties of the Member under Rule 2.5.1 extend to all directors with respect to their corporate governance responsibilities and to all officers of the Member with regard to their areas of management responsibility. The Member’s policies and procedures should reference those responsibilities and Members should take steps to ensure that all such individuals are aware of their respective responsibilities.
Directors and officers should also be mindful of their responsibilities under provincial securities regulations.
The Role of the Compliance Officer
Rule 2.5.3 requires every Member to designate a trading officer as a compliance officer who is, or reports to, a member of senior management (such as the Member’s chief executive officer, chief operating officer or chief financial officer). This person must be registered and/or licensed in the appropriate category under applicable securities legislation and must have the necessary knowledge of industry regulations and Member policies to act in this capacity.
The compliance officer is responsible for monitoring adherence by the Member and its Approved Persons to all applicable MFDA and securities legislation requirements.
Qualified alternate compliance officers must be designated to perform the required compliance duties in the event that the compliance officer is temporarily absent or unable to perform his or her responsibilities. Certain tasks and procedures may be delegated to other knowledgeable and qualified individuals, but the responsibility to monitor cannot, except as expressly permitted. For example, duties associated with the accounting function may be assigned to the dealer’s chief financial officer, however, the overriding responsibility to ensure that financial reporting is performed in accordance with our rules rests with the compliance officer. Where any task has been delegated, the compliance officer must ensure that the task is being performed adequately and that exceptions are brought to his or her attention.
Under MFDA Rule 2.5.3(b), the compliance officer or the individual to whom the compliance officer reports is required to report on the status of compliance at the Member to the board of directors or partners of the Member as necessary, but at least on an annual basis. It is the responsibility of the board of directors or partners of the Member to act on all such reports and to rectify any compliance deficiencies that have been noted. Appropriate records must be maintained.
In a number of compliance examinations completed to date, MFDA staff observed that the reporting required under Rule 2.5.3(b) had not been completed. The board of directors, senior management and compliance officer must have procedures in place to ensure that these reports are made. Compliance with the Rule provides a means for the Member’s board/partners to confirm that the monitoring function has been effectively performed by the compliance officer, and also provides an opportunity for the compliance officer to demonstrate that he or she has brought issues to the attention of the board/partners for resolution.
Creating an Effective Compliance Function
MFDA Policy No. 2 notes that effective self-regulation begins with the Member establishing and maintaining a supervisory environment which both fosters the business objectives of the Member and maintains the self-regulatory process. There may be a variety of methods to appropriately address regulatory issues and Member firms may tailor their internal policies and procedures to their specific needs. However, at a minimum, the Member’s policies and procedures manual should clearly outline supervisory requirements and direct how these functions are to be completed. The manual should also include information about the objectives of the compliance function and risk management in general; a discussion of applicable legislation; a description of the designated role of compliance officers and their authority, responsibility and accountability for compliance; and internal investigation procedures with respect to compliance and control issues. For additional guidance on the content requirements for the policies and procedures manual, we refer Members to MFDA Staff Notice MSN-0008 Policies and Procedures Manual.
The MFDA Rules, By-laws and Policies contain a number of requirements that must be satisfied in order to provide a basic level of supervision. Some of these are outlined below, along with some recommended practices designed to help Members ensure that the obligations of both senior management and the compliance officer are properly discharged.
i) Follow Up/Resolution
Most Members have procedures in place with respect to the identification of trade supervision issues. However, as noted in Policy No. 2, in addition to identifying instances of failure to adhere to required policies and procedures, the compliance process must properly address undesirable account activity once it has been detected. All issues that have been identified must be followed up and resolved in an appropriate fashion.
ii) Records
Policy No. 2 requires that evidence of all reviews including date of completion, actions and responses be maintained for at least seven years. As well as providing an audit trail with respect to the resolution of individual issues, as a best practice, the data collected can be used to identify potentially broader problems where changes to policies and procedures may be appropriate.
iii) Testing Compliance
Policy No. 2 also directs that an on-going review of sales compliance procedures and practices be undertaken both at head office and at branch offices. Ideally, the results of these internal reviews should be used to help in identifying trends and common issues, which may indicate systemic problems. Results should be reported to senior management so that the adequacy of the Member’s controls can be assessed, again so that changes can be made where warranted.
iv) Complaint History
Under Policy No. 3, each Member must maintain an orderly, up-to-date record of complaints together with follow-up documentation regarding such complaints, for regular internal/external compliance reviews. This record must be retained for a period of seven years. When a Member finds complaints to be a significant factor, internal procedures and practices should be reviewed, with recommendations for changes to be submitted to the appropriate management level.
v) Maintaining Awareness of Regulatory Changes
The account supervision function specified in Policy No. 2 must be executed by designated individuals who have the necessary knowledge of industry regulations and Member policies to properly perform the duties. To ensure that this requirement is met, compliance staff should periodically review resource materials and participate in continuing education programs to stay informed with respect to recent regulatory developments. Member policies and procedures must be updated accordingly.
vi) Education
Policy No. 2 notes that a major aspect of self-regulation is the ongoing education of staff in all areas of sales compliance. To meet this objective, Members should offer educational programs to staff and Approved Persons that include training on recent changes to the regulatory environment, and provide information relating to new procedures and commonly identified issues.