Compliance reviews by regulators follow a prescribed format depending on what has triggered the visit, whether a full compliance review, targeted review or a for-cause review based on information that has come to their attention. But, during any type of review, there are certain deficiencies that are more significant than others. Here’s what regulators look for.
- STRENGTH OF COMPLIANCE SYSTEMS
Many firms go through the whole registration process, and still don’t have a solid compliance system in place. This includes: detailed written policies and procedures that actually reflect what the firm does and how it operates; and all staff having ready access to it. Firms must devote sufficient resources to compliance based on their size, complexity and potential for associated risks. Firms can’t expect advisors to do the right thing without giving them specific written rules. These should include how to gather KYC information, explain the products available, what documentation is required, marketing rules and general employee conduct. The Chief Compliance Officer must, on an annual basis, also produce an annual report to the board assessing how the firm is complying with securities legislation, including any deficiencies and how they’re being addressed. Regulators will read this report to get an idea of how seriously the firm takes its compliance responsibilities.
- DEALING WITH CLIENTS IN OTHER JURISDICTIONS
Advisors cannot deal with clients in other provinces unless they’re registered there. If your client moves to another province, then the mobility exemption will allow you to continue dealing only with those types of clients, with certain restrictions.
For those clients who live outside of Canada, you have to ensure you meet the registration requirements of the foreign jurisdiction. The rules vary greatly from country to country, and regulators will expect you to have taken steps to confirm you’re not contravening foreign regulations. Their view is that if you contravening the regulations of another jurisdiction, then you are not taking your compliance responsibilities seriously.
- OUTSIDE BUSINESS ACTIVITIES
Advisors must disclose all OBAs on the National Registration Database (NRD) and detail what policies are in place to mitigate the potential for conflicts of interest. This disclosure includes items such as: if you’re licensed to sell insurance; have a holding company; coach junior hockey; and are involved in a charity or a religious organization. It’s best to over-disclose to ensure you’re not accused of hiding anything.
Regulators will review OBAs to determine whether you’re using your position unfairly and to the detriment of the client. This is particularly important when you are promoting a product from a related issuer as many EMDs do. You have to be extremely careful to show that, even though you have a vested interest in promoting a particular issuer, you are still acting in the best interests of the client. A fulsome suitability review and backup notes must explain why the investment was appropriate for the client. This includes a detailed KYC form containing information about the client’s current financial position, their objectives, investment knowledge and risk tolerance. In recommending a particular product, advisors need to explain in writing what makes this investment appropriate, as opposed to similar products. Simply ticking the boxes on the KYC form does not demonstrate that you have had a meaningful discussion with a client.
- DELEGATING KYC AND SUITABILITY TO A THIRD PARTY
In some firms, relationship managers, account executives or other third parties fill out KYC forms. Regulators have repeatedly stated this does not conform to registration requirements, nor does it ensure that an advisor will deal fairly, honestly and in good faith with a client. The view is that these third parties are not qualified to have the type of meaningful conversation that a registered individual needs to have to determine the client’s financial needs. Further, it doesn’t give the advisor an opportunity to explain the firm’s investment strategies and what the client can expect. This leads to client confusion about who is actually managing her account, and leaves an advisor open to claims that certain investments were inappropriate if the KYC is deficient. So, you must make every effort to meet clients face-to-face. If that’s not possible, at least speak to each client via phone or email. And ensure compliance doesn’t sign off on an application until they’re confident the client information is accurate and investments are suitable.
- SELLING SECURITIES TO NON-QUALIFIED INVESTORS
The current rules surrounding distributing prospectus-exempt products can be confusing and don’t easily apply to clients’ real-life situations. However, if an advisor cannot clearly show that a client qualifies as an accredited investor, and that the investment is suitable, compliance has a duty to reject the trade. You need to ask detailed questions and take copious notes to explain the client’s financial position, and why you’re recommending a particular investment over another. The sale of securities to non-qualified investors is a serious breach of securities legislation, and can lead to having your registration terminated, the trade being unwound and even the firm’s registration being suspended.
A compliance review can be a useful tool to determine how effective you are in adhering to securities legislation. Perform an internal review, which includes an annual review of your policies and procedures manual, all NRD profiles, and a random sample of client accounts. Having a compliance platform in place to manage both KYP and KYC, as offered by KoreConX, goes a long way to preparing your firm in case the Regulators come knocking.
Jonathan Heymann began his career in the financial services industry working at Spectrum United, a mutual fund company. In 1999, Jonathan joined the Ontario Securities Commission and within two years became a Supervisor in the OSC Contact Centre, where he developed a broad knowledge of the Capital Markets in Canada and particularly the role of compliance.