In the wake of the increasing concern about the COVID-19 novel coronavirus, the Investment Industry Regulatory Organization of Canada (IIROC) and the Mutual Fund Dealers Association of Canada (MFDA) released guidance to aid their Members in circumstances where they may have to conduct off-site operations. The Notice 20-0044 (the IIROC Notice) is available here and the MFDA Bulletin #0815-M (the MFDA Notice) is available here. They are summarized in turn below.
The Canadian Securities Administrators (CSA) also issued a press release, as has the OSC. More regulatory communications from the CSA and its various members are expected imminently. Please stay tuned for an update from our Securities and Capital Markets Group, which will outline the CSA regulatory responses and the implications on reporting issuers, investment funds and registrants.
The IIROC Notice indicates that Members should consider backup sites and “work from home” arrangements. IIROC will allow these arrangements as long as Members can maintain requisite levels of supervisory, confidentiality and other regulatory requirements. IIROC notes that as these arrangements may increase dependence on telecommunications infrastructure, Members should consider obtaining dedicated or premium broadband service for those critically important employees working from home. IIROC also advises that Members should consider use multiple telecommunications carriers and/or multiple communication devices in a secure environment.
IIROC provides the following examples as to how pandemics differ from other business disruptions:
- They typically develop over an extended period of time and impact different locations at different times.
- Due to high absenteeism rates, they could disrupt supply chains and business travel.
- They may force employers to train staff on how to reduce the spread of the disease and modify sick day policies.
- Meetings with clients and counterparties may have to occur over the phone or by videoconferencing.
- They may reduce demand for goods and services and have human resource, insurance and cash flow implications.
Finally, IIROC advises that Members may want to review and potentially update service-level agreements with critical counterparties and vendors to address potential disruptions.
The MFDA Notice reminds Members that pursuant to MFDA Rule 2.9, all Members must have adequate Business Continuity Plans (BCPs) in place to ensure they are adequately prepared to minimize business disruptions and can continue to service clients.
In order for Members to properly adapt the specific circumstances into their BCPs, IIROC is advising they monitor publicly available information from reputable sources, pursuant to Dealer Member Rule 17.16. Members should consider the scope and geographic location of their own operations when modifying their BCPs.
The MFDA Notice indicates that it may take a reasonable and flexible approach to some supervisory requirements. It acknowledges that many supervisory functions, including daily stock supervision, may need to be performed remotely in accordance with Member BCPs. With regard to the MFDA obligations to conduct on-site branch reviews and periodic visits, the MFDA is allowing Members to perform branch reviews and periodic visits remotely.
In order to work remotely and minimize face-to-face contact, the MFDA reminds Members that confidential client information must be transmitted and stored in a secure manner. Where Members allow Approved Persons to accept client instructions on the phone or through email, they must follow the Member policy requiring verification of the client’s identity.
The MFDA further advises that an increased reliance on technology will lead to an increased risk of cybersecurity threats. The MFDA Notice reminds Members that they are to follow MFDA guidance on cybersecurity risks. As always, Members are obligated under MFDA Policy No. 6 to notify the MFDA whenever a Member is aware of a breach of client confidentiality.
In general, the MFDA and IIROC seem to be demonstrating a level of flexibility and understanding as they recognize that many dealers may have to switch the way they do business in the coming weeks and months. That being said, all securities regulatory requirements must still be strictly followed, so dealers should ensure their offsite protocols are compliant.
The authors would like to thank Simon Margolis, articling student, for co-authoring this text.
For advice with respect to securities regulation and compliance arising from COVID-19, please get in touch with the authors listed below, who are ready and available to assist with navigating through these unprecedented times. BLG has also created a COVID-19 Resource Centre to assist businesses on a variety of topics, including contractual risks, public disclosure requirements, schools and criminal law.