Monday, February 11, 2019

Root Cause Analysis: Increasing the utility of IIROC Hearing Panels

IIROC investigates and initiates disciplinary proceedings to determine whether there has been a breach of IIROC Rules , securities legislation, or other requirements relating to trading or advising in respect of securities, commodities contracts or derivatives. Enforcement staff review the findings of the investigation and recommend an appropriate course of action.

If the evidence establishes a contravention of IIROC requirements, Enforcement staff may initiate a disciplinary proceeding in order to resolve the matter before an IIROC Hearing panel. The Rules require that the Hearing Panel be made up of one public chair (generally a retired judge or lawyer) and two industry members (either active or retired).Hearing Panels decide the case based only on the evidence that is put before them. This limitation is a barrier to corrective action as we discuss in this document.

The stated purpose of IIROC disciplinary proceedings is to maintain high standards of conduct in the securities industry and to protect market integrity. Sanction Guidelines are intended to promote consistency, fairness and transparency by providing a framework to guide the exercise of discretion in determining sanctions which meet the general sanctioning objectives. IIROC Sanction Guidelines assist Hearing panels in determining whether to accept settlement agreements.

The Hearing Panel is responsible for the hearing process, determining whether any misconduct occurred and if so, whether any sanctions should be imposed on the Respondent. At the conclusion of a hearing, the Hearing Panel issues written reasons for its decisions concerning misconduct and sanctions.

The declared purpose of sanctions in a regulatory proceeding is to protect the public interest by restraining future conduct that may harm the capital markets. In order to achieve this, sanctions should be significant enough to prevent and discourage future misconduct by the respondent (specific deterrence), and to deter others from engaging in similar misconduct (general deterrence). We note that investor compensation is not on the Panel radar- something that needs to be addressed because client restitution is in the public interest. 

Deterrence is a key component of any effective enforcement strategy. Deterrence is credible when would-be wrongdoers perceive that the risks of engaging in misconduct outweigh the rewards and when non-compliant attitudes and behaviors are discouraged. Deterrence occurs when persons who are contemplating engaging in misconduct are dissuaded from doing so because they have an expectation of detection and that detection will be rigorously investigated, vigorously prosecuted and punished with robust and proportionate sanctions.

Misconduct is defined as unacceptable or improper behavior by a dealer and/ or Dealing Rep. However, not all rule breaches are a result of deliberate registrant misconduct. We could include negligence / errors of omission, inadvertent error, ineffective disclosure processes and honest misunderstandings. Other more likely  potential causes include but are not limited to poorly framed rules, deficient prospectuses, outdated policies and procedures, weak business / IT control systems, unqualified staff, deficient KYC process, inadequate staff training, lax supervisory processes , an ineffective compliance function and poor complaint handling.

Consider poor client complaint handling- it is a recurring issue. If client complaints were handled more effectively, much investor grief could be avoided. It is our firm conviction that IIROC rule 2500B is a root cause. The rule lacks depth, favors dealers, allows diversions to internal “ombudsman” and is open loop as regards systemic issues. See More issues with IIROC complaint handling Rules http://www.canadianfundwatch.com/2018/04/mre-issues-with-iiroc-client-complaint.html  and Fairness and balance in the complaint process where interests of the dealer and registered representative must be considered!    http://blog.moneymanagedproperly.com/

Leveraged ETF’s are another example .LETF’s may be mis-sold to a buy-and-hold investor because the Rep did not understand the mechanics of LETF’s.  The reason for the mis-selling could be that he/ she did not fully understand the product because the dealer did not ensure Reps were adequately trained to recommend such complex products.  The root cause of the breach then is a deficient dealer training program for Reps coupled with lax dealer supervision. Another example might be weak risk profiling tools provided by the dealer. Any Rep using such tools might conclude with an improper client risk profile which could in turn result in unsuitable recommendations. In such a case, the root cause of the rule contravention is dealer management which had provided Reps with inadequate tools of the trade.

A root cause is defined as a factor that caused a non-conformance/ Rule breach and should be permanently eliminated through process improvement. Root cause analysis (RCA) is a collective term that describes a wide range of approaches, tools, and techniques used to uncover causes of problems. The highest-level cause of a problem is called the root cause. Root cause analysis is part of a more general problem solving process and an integral part of continuous improvement.Because of this, root cause analysis is one of the core building blocks in an organization’s continuous improvement efforts.

Root Cause Analysis (RCA)


Many rule breaches have their root cause in dealer compensation models. Compensation drives Rep behaviour which leads to misconduct if the design is defective and dealer monitoring is sporadic .For instance: supervisors obtaining commission over-rides on staff supervised, branch managers compensated solely based on branch profitability, commission grids biased towards proprietary products and conflicts-of-interest associated with recommending a fee -based account. Unless Hearing Panels dig deep, such systemic issues may not be identified or dealt with. In fact, we now know via the IIROC compensation survey that such investor-unfriendly practices have been alive and well for years. They were there in full sight but not dealt with by Hearing Panels.

Hearing Panels are structured to decide cases where there had been a breach of IIROC rules /securities laws -misconduct. A critical role to be sure, but breaches can also provide invaluable information about how the regulatory control system is functioning (or not).

While it is necessary to sanction Dealers /individuals for breaches, it is also necessary to drill down further. Is the Rep proficient in dealing with de-accumulating accounts? Is the compensation and reward system designed to incent individuals to cross the line? Are sales quotas unrealistic and/or inappropriate? Have Reps been provided the tools they need to do their job? Are supervisory control systems robust? Are dealing representative recruitment criteria matched up with the ethical and conduct standards to comply with securities regulations /laws and the provision of trustworthy personalized financial advice? Are controls and information systems designed to promptly detect system breaches? It is only by addressing root causes that we can improve the system , reduce breaches and improve the fairness of decisions.

It is well known that discount brokers have been improperly collecting trailer commissions for services and personalized advice that was not and could not be provided. Yet until this was recently challenged via several Class Actions, the dealers did nothing to stop the investor abuse. In a very real sense this was organized theft. Discounters could have easily set parameters to exclude the purchase of funds that have a fee for personalized advice or services just like the parameter to reject a stock or fund purchase if there is not enough cash in the account to pay for the purchase. Over all these years, were there not hearings where this could have been dealt with before hundreds of millions of investor retirement savings were transferred to dealers? This abuse is clearly a management responsibility- tone at the top.

Since we believe that management is responsible for 80-90 % of problems, Hearing Panels should be checking to identify root causes rather than just deal with symptoms of episodic misconduct. In that way the overall system can be corrected and failure mechanisms eliminated. This is called continuous improvement and it is missing from the current Hearing process design.

Too many Panel hearings fail to establish corrective actions based on Root Cause analysis. Kenmar have observed that dealers with sound supervisory practices for suitability generally identified risks, developed policies, and implemented controls tailored to the specific features of the products they offered and their client base. These controls help identify any bad practices by Dealing Reps long before they become big problems. These controls include, for example, restricting or prohibiting recommendations of products for certain investors ( e.g. seniors) , as well as establishing systems- based controls (or “hard blocks”) for recommendations of certain products to retail investors to ensure that representatives adhered to those restrictions or prohibitions. Technology and specialized software ( e.g. security risk-rating ) can greatly assist supervision and compliance. These are the kind of corrective actions we’d like to see considered on every case.

Some dealers also implement methods to verify the source of funds for leveraged transactions. In addition, certain dealers require representatives, including principals with supervisory responsibilities, to receive training on specific complex or high-risk products before the representatives recommend them so the representatives fully understood the products’ risks and performance characteristics, as well as the types of investors for whom the product might not be suitable. Control System issues should always be part of Panel decision making as they are often the best form of lasting corrective action.

We’ve also observed some Dealers facing challenges with their supervisory control systems and other operational issues relating to quantitative suitability. For example, as concluded by PlanPlus Research (http://www.osc.gov.on.ca/documents/en/Investors/iap_20151112_risk-profiling-report.pdf }, most risk profiling processes in use today are unfit for use. Deficient risk profiling processes were never explicitly flagged by Panels as a systemic root cause – the belief was that it was always the individual that was responsible.  “Misconduct” and unsuitable recommendations will continue until core KYC processes are corrected. See SIPA report  Improving the KYC process
https://www.sipa.ca/library/SIPAsubmissions/500%20SIPA%20REPORT%20-%20KYC%20Process%20Needs%20Overhaul%20-%20201607.pdf

The scandal involving double billing is a prime example of a breakdown in control systems. The inability to correctly assign fees and promptly detect the mischarging was a systemic issue within firms and across the industry. It is clear from the no –contest Settlement agreements that the wealth management industry needs to beef up the quality assurance of its systems and controls. This requires ongoing system audits, periodic system testing and review of client complaints/ feedback. Process owners need to be held accountable. Root cause analysis was not employed by securities regulators. Hearing Panels should have enumerated a corrective action plan in addition to fines and other sanctions. Merely consenting to fix the systems for fee calculation robustness does not explain the poor initial design and failure to uncover fundamental system flaws, in some cases, for over a decade. CRM2 reporting was instrumental in bringing the internal control issue to light.

When a Dealer or Rep has “actual or de facto control” over a client’s account, there must be a reasonable basis that a series of recommended securities transactions are not excessive and unsuitable in light of the client’s investment profile. DSC mutual fund manipulations and fund churning are a classic example that should not be permitted to happen. Some progressive dealers have developed parameters for trading volume and cost to identify and prevent excessive trading/fund churning as well as restrictions on frequency or patterns of clustered or single product exchanges. In some cases, clients whose accounts breached the firm’s thresholds should receive telephone calls from principals or detailed activity letters setting forth the frequency and cost of trading over specific periods. These are the kind of learnings and action plans we’d like to see integral to Panel Decisions.

The best dealers have an organized, validated risk profiling process. System triggers should kick in when certain KYC criteria are incongruent or suspicious. Too many dealers do not have controls in place to validate changes in risk profile. All too often we see risk tolerance increased simply to justify what has been sold to clients. Better supervisory controls should be applied to risk profile changes increasing the client’s risk tolerance. Our review of numerous Panel cases suggests that Seniors/ retirees should not be put through the same KYC processes as clients of other age groups and the frequency of KYC updates /type of KYC information gathered should vary with age.

We would like to see IIROC formally build corrective action into its Panel Decision objectives. IIROC should summarize these observations for industry action and/or a change in Rules.

The bottom line

IIROC has worked on improving the efficiency of enforcement /Hearing Panels and the collection of fines , primarily from individuals. This may improve investor protection at the margin. A true corrective action program would yield much more substantive, lasting effects and thereby less need for Hearings and fine collection. As professor Peter Drucker has said “  Doing the right thing is more important than  doing things right”. When tactics and strategy balance, regulation is enhanced.

Obviously, individuals should be sanctioned for misrepresentation, unauthorized trading, Off book sales, signature forgery / document adulteration and fraudulent acts. But even in these cases, the Dealer should be jointly held accountable for the actions of its representatives. It is therefore our view that the Hearings process should be reviewed and updated to reflect prevailing thinking on securities regulation, dealer accountability and enhanced investor protection expectations.

We’ve found that currently dealers and Dealing Reps are not doing enough to uphold the suitability standard for their clients, .They must be able to demonstrate why their recommendations are a good fit for the client’s unique needs/goals, risk profile, personal and financial circumstances – in other words, to practise KYP ,KYC and responsible supervision. One solution might be a recommendation that Investment Policy Statements be employed as industry standard practice. That is the kind of deliverable we’d expect if Panel decisions were analyzed with a corrective action perspective rather than on case by case basis limited to sanctions. As currently structured , such a recommendation from a Panel is unlikely .

Each Panel decision should, as a Best practice, look not only at sanctions/deterrence but also at underlying management control and supervisory systems. Every breach of the rules is an opportunity for improvement. An ounce of prevention is worth a pound of cure.

The Panels can be given a form of score sheet or checklist that could be used to help Panel members test for common weaknesses; the information from these can be entered and analyzed for even broader value.  FAIR Canada and others have called for considerably stronger analytics and publicly accessible, relational, searchable databases that will better focus regulatory action. 2019 is the year to get this initiative under way.

Ken Kivenko