investigates and initiates disciplinary proceedings to determine whether there
has been a breach of IIROC Rules , securities legislation, or other
requirements relating to trading or advising in respect of securities,
commodities contracts or derivatives. Enforcement staff review the
findings of the investigation and recommend an appropriate course of action.
If the evidence establishes a contravention of IIROC
requirements, Enforcement staff may initiate a disciplinary proceeding in order
to resolve the matter before an IIROC Hearing panel. The
Rules require that the Hearing Panel be made up of one public chair (generally
a retired judge or lawyer) and two industry members (either active or
retired).Hearing Panels decide the case based only on the evidence that is put
before them. This limitation is a barrier to corrective action as we discuss in
purpose of IIROC disciplinary proceedings is to maintain high standards of
conduct in the securities industry and to protect market integrity. Sanction
Guidelines are intended to promote consistency, fairness and transparency by
providing a framework to guide the exercise of discretion in determining
sanctions which meet the general sanctioning objectives. IIROC Sanction Guidelines assist
Hearing panels in determining whether to accept settlement agreements.
The Hearing Panel is responsible for the hearing process, determining
whether any misconduct occurred and if so, whether any sanctions should be
imposed on the Respondent. At the conclusion of a hearing, the Hearing Panel
issues written reasons for its decisions concerning misconduct and sanctions.
purpose of sanctions in a regulatory proceeding is to protect the public
interest by restraining future conduct that may harm the capital markets. In
order to achieve this, sanctions should be significant enough to prevent and
discourage future misconduct by the respondent (specific deterrence), and to
deter others from engaging in similar misconduct (general deterrence). We note
that investor compensation is not on the Panel radar- something that needs to
be addressed because client restitution is in the public interest.
is a key component of any effective enforcement strategy. Deterrence is
credible when would-be wrongdoers perceive that the risks of engaging in
misconduct outweigh the rewards and when non-compliant attitudes and behaviors
are discouraged. Deterrence occurs when persons who are contemplating engaging
in misconduct are dissuaded from doing so because they have an expectation of
detection and that detection will be rigorously investigated, vigorously prosecuted
and punished with robust and proportionate sanctions.
Misconduct is defined as unacceptable or improper
behavior by a dealer and/ or Dealing Rep. However, not all rule breaches are a
result of deliberate registrant misconduct. We could include negligence / errors of
omission, inadvertent error, ineffective disclosure processes and honest
misunderstandings. Other more likely potential causes include but are not limited
to poorly framed rules, deficient prospectuses, outdated policies and procedures,
weak business / IT control systems, unqualified staff, deficient KYC process, inadequate
staff training, lax supervisory processes , an ineffective compliance function
and poor complaint handling.
ETF’s are another example .LETF’s may be mis-sold to a buy-and-hold investor
because the Rep did not understand the mechanics of LETF’s. The reason
for the mis-selling could be that he/ she did not fully understand the product because
the dealer did not ensure Reps were adequately trained to recommend such
complex products. The root cause of the breach then is a deficient dealer
training program for Reps coupled with lax dealer supervision. Another example
might be weak risk profiling tools provided by the dealer. Any Rep using such
tools might conclude with an improper client risk profile which could in turn result
in unsuitable recommendations. In such a case, the root cause of the rule
contravention is dealer management which had provided Reps with inadequate
tools of the trade.
A root cause is defined as a
factor that caused a non-conformance/ Rule breach and should be permanently
eliminated through process improvement. Root cause analysis (RCA) is a
collective term that describes a wide range of approaches, tools, and techniques
used to uncover causes of problems. The highest-level cause of a
problem is called the root cause. Root
cause analysis is part of a more general problem solving process and an integral part of
continuous improvement.Because of this, root
cause analysis is one of the core building blocks in an organization’s
continuous improvement efforts.
Root Cause Analysis (RCA)
Many rule breaches have their root cause in dealer
compensation models. Compensation drives Rep behaviour which leads to misconduct
if the design is defective and dealer monitoring is sporadic .For instance:
supervisors obtaining commission over-rides on staff supervised, branch managers
compensated solely based on branch profitability, commission grids biased
towards proprietary products and conflicts-of-interest associated with
recommending a fee -based account. Unless Hearing Panels dig deep, such
systemic issues may not be identified or dealt with. In fact, we now know via
the IIROC compensation survey that such investor-unfriendly practices have been
alive and well for years. They were there in full sight but not dealt with by
Panels are structured to decide cases where there had been a breach of IIROC
rules /securities laws -misconduct. A critical role to be sure, but breaches can
also provide invaluable information about how the regulatory control system is
functioning (or not).
While it is necessary to sanction Dealers /individuals for breaches, it is also
necessary to drill down further. Is the Rep proficient in dealing with
de-accumulating accounts? Is the compensation and reward system designed to
incent individuals to cross the line? Are sales quotas unrealistic and/or
inappropriate? Have Reps been provided the tools they need to do their job? Are
supervisory control systems robust? Are dealing representative recruitment
criteria matched up with the ethical and conduct standards to comply with
securities regulations /laws and the provision of trustworthy personalized
financial advice? Are controls and information systems designed to promptly
detect system breaches? It is only by addressing root causes that we can
improve the system , reduce breaches and improve the fairness of decisions.
It is well
known that discount brokers have been improperly collecting trailer commissions
for services and personalized advice that was not and could not be provided.
Yet until this was recently challenged via several Class Actions, the dealers
did nothing to stop the investor abuse. In a very
real sense this was organized theft. Discounters could have easily set
parameters to exclude the purchase of funds that have a fee for personalized
advice or services just like the parameter to reject a stock or fund purchase
if there is not enough cash in the account to pay for the purchase. Over
all these years, were there not hearings where this could have been dealt with
before hundreds of millions of investor retirement savings were transferred to
dealers? This abuse is clearly a management responsibility- tone at the top.
believe that management is responsible for 80-90 % of problems, Hearing Panels
should be checking to identify root causes rather than just deal with symptoms
of episodic misconduct. In that way the overall system can be corrected and
failure mechanisms eliminated. This is called continuous improvement and it is
missing from the current Hearing process design.
Panel hearings fail to establish corrective actions based on Root Cause analysis.
Kenmar have observed that dealers with sound supervisory practices for
suitability generally identified risks, developed policies, and implemented
controls tailored to the specific features of the products they offered and
their client base. These controls help identify any bad practices by Dealing Reps
long before they become big problems. These controls include, for example,
restricting or prohibiting recommendations of products for certain investors (
e.g. seniors) , as well as establishing systems- based controls (or “hard
blocks”) for recommendations of certain products to retail investors to ensure
that representatives adhered to those restrictions or prohibitions. Technology
and specialized software ( e.g. security risk-rating ) can greatly assist
supervision and compliance. These are the kind of corrective actions we’d like
to see considered on every case.
also implement methods to verify the source of funds for leveraged transactions.
In addition, certain dealers require representatives, including principals with
supervisory responsibilities, to receive training on specific complex or
high-risk products before the representatives recommend them so the representatives
fully understood the products’ risks and performance characteristics, as well
as the types of investors for whom the product might not be suitable. Control System
issues should always be part of Panel decision making as they are often the
best form of lasting corrective action.
The scandal involving double billing is a prime example
of a breakdown in control systems. The inability to correctly assign fees and
promptly detect the mischarging was a systemic issue within firms and across
the industry. It is clear from the no –contest Settlement agreements that the
wealth management industry needs to beef up the quality assurance of its
systems and controls. This requires ongoing system audits, periodic system
testing and review of client complaints/ feedback. Process owners need to be
held accountable. Root cause analysis was not employed by securities regulators.
Hearing Panels should have enumerated a corrective action plan in addition to
fines and other sanctions. Merely consenting to fix the systems for fee
calculation robustness does not explain the poor initial design and failure to
uncover fundamental system flaws, in some cases, for over a decade. CRM2
reporting was instrumental in bringing the internal control issue to light.
When a Dealer or Rep has “actual or de facto control” over a client’s
account, there must be a reasonable basis that a series of recommended
securities transactions are not excessive and unsuitable in light of the client’s
investment profile. DSC mutual fund manipulations and fund churning are a classic
example that should not be permitted to happen. Some progressive dealers have
developed parameters for trading volume and cost to identify and prevent
excessive trading/fund churning as well as restrictions on frequency or
patterns of clustered or single product exchanges. In some cases, clients whose
accounts breached the firm’s thresholds should receive telephone calls from
principals or detailed activity letters setting forth the frequency and cost of
trading over specific periods. These are the kind of learnings and action plans
we’d like to see integral to Panel Decisions.
The best dealers have an organized, validated risk profiling process.
System triggers should kick in when certain KYC criteria are incongruent or
suspicious. Too many dealers do not have controls in place to validate changes
in risk profile. All too often we see risk tolerance increased simply to
justify what has been sold to clients. Better supervisory controls should be
applied to risk profile changes increasing the client’s risk tolerance. Our
review of numerous Panel cases suggests that Seniors/ retirees should not
be put through the same KYC processes as clients of other age groups and the
frequency of KYC updates /type of KYC information gathered should vary with
We would like to see IIROC formally build corrective
action into its Panel Decision objectives. IIROC should summarize
these observations for industry action and/or a change in Rules.
The bottom line
IIROC has worked on improving the efficiency of enforcement
/Hearing Panels and the collection of fines , primarily from individuals. This
may improve investor protection at the margin. A true corrective action program
would yield much more substantive, lasting effects and thereby less need for
Hearings and fine collection. As professor Peter Drucker has said “ Doing the right thing is more important
than doing things right”. When tactics
and strategy balance, regulation is enhanced.
Obviously, individuals should be sanctioned for misrepresentation, unauthorized
trading, Off book sales, signature forgery / document adulteration and
fraudulent acts. But even in these cases, the Dealer should be jointly held
accountable for the actions of its representatives. It is therefore our view
that the Hearings process should be reviewed and updated to reflect prevailing
thinking on securities regulation, dealer accountability and enhanced investor protection
found that currently dealers and Dealing Reps are not doing enough to uphold
the suitability standard for their clients, .They must be able to demonstrate
why their recommendations are a good fit for the client’s unique needs/goals,
risk profile, personal and financial circumstances – in other words, to
practise KYP ,KYC and responsible supervision. One solution might be a
recommendation that Investment Policy Statements be employed as industry standard
practice. That is the kind of deliverable we’d expect if Panel decisions were analyzed
with a corrective action perspective rather than on case by case basis limited
to sanctions. As currently structured , such a recommendation from a Panel is
Each Panel decision should, as a Best practice, look not
only at sanctions/deterrence but also at underlying management control and
supervisory systems. Every breach of the rules is an opportunity for
improvement. An ounce of prevention is worth a pound of cure.
The Panels can be given a form of score sheet or
checklist that could be used to help Panel members test for common weaknesses;
the information from these can be entered and analyzed for even broader
value. FAIR Canada and others have
called for considerably stronger analytics and publicly accessible, relational,
searchable databases that will better focus regulatory action. 2019 is the year
to get this initiative under way.