Home Breadcrumb caret Practice Breadcrumb caret Planning and Advice 5 items regulators focus on when you’re audited Perform an internal review so you’re better prepared for an audit. Here’s what regulators look for. October 31, 2014 | Last updated on October 31, 2014 4 min read Audits by regulators follow a prescribed format depending on what has triggered the visit, whether a full compliance review, targeted review or a for-cause review based on information that has come to their attention. But, during any type of review, there are certain deficiencies that are more significant than others. Here’s what regulators look for. 1. Strength of compliance systems Many firms go through the whole registration process, and still don’t have a solid compliance system in place. This includes: detailed written policies and procedures that actually reflect what the firm does and how it operates; and all staff having ready access to it. Firms must devote sufficient resources to compliance based on their size, complexity and potential for associated risks. Firms can’t expect advisors to do the right thing without giving them specific written rules. These should include how to gather KYC information, explain the products available, what documentation is required, marketing rules and general employee conduct. The Chief Compliance Officer must also produce an annual report to the board assessing how the firm is complying with securities legislation, including any deficiencies and how they’re being addressed. Regulators will read this report to get an idea of how seriously the firm takes its compliance responsibilities. Read: Never lend to a client, and other compliance sins 2. Dealing with clients in other jurisdictions Advisors cannot deal with clients in other provinces unless they’re registered there. If your client moves to another province, then mobility exemptions will allow you to continue dealing only with that client—and no one else in that province. For those clients who live outside of Canada, you have to ensure you meet the registration requirements of the foreign jurisdiction. The rules vary greatly from country to country, and regulators will expect you to have taken steps to confirm you’re not contravening foreign regulations. Read: Firms failing to grasp compliance basics: IIROC 3. Outside business activities Advisors must disclose all OBAs on the National Registration Database (NRD) and detail what policies are in place to mitigate the potential for conflicts of interest. This disclosure includes items such as: if you’re licensed to sell insurance; have a holding company; coach junior hockey; and are involved in a charity or a religious organization. It’s best to over-disclose to ensure you’re not accused of hiding anything. Regulators will review OBAs to determine whether you’re using your position unfairly and to the detriment of the client. This is particularly important when you are promoting a product from a related issuer as many EMDs do. You have to be extremely careful to show that, even though you have a vested interest in promoting a particular issuer, you are still acting in the best interests of the client. A fulsome suitability review and backup notes must explain why the investment was appropriate for the client. This includes a detailed KYC form containing information about the client’s current financial position, their objectives, investment knowledge and risk tolerance. In recommending a particular product, advisors need to explain in writing what makes this investment appropriate, as opposed to similar products. Read: IIROC updates sanction guidelines 4. Delegating KYC and suitability to a third party In some firms, relationship managers, account executives or other third parties fill out KYC forms. Regulators have repeatedly stated this does not conform to registration requirements, nor does it ensure that an advisor will deal fairly, honestly and in good faith with a client. The view is that these third parties are not qualified to have the type of meaningful conversation that a registered individual needs to have to determine the client’s financial needs. Further, it doesn’t give the advisor an opportunity to explain the firm’s investment strategies and what the client can expect. This leads to client confusion about who is actually managing his account, and leaves an advisor open to claims that certain investments were inappropriate if the KYC is deficient. So, you must make every effort to meet clients face-to-face. If that’s not possible, at least speak to each client via phone or email. And ensure compliance doesn’t sign off on an application until they’re confident the client information is accurate and investments are suitable. Read: Set boundaries for assistants 5. Selling securities to non-qualified investors The current rules around distributing prospectus-exempt products are confusing and don’t easily apply to clients’ real-life situations. However, if an advisor cannot clearly show that a client qualifies as an accredited investor, and that the investment is suitable, compliance has a duty to reject the trade. You need to ask detailed questions and take copious notes to explain the client’s financial position, and why you’re recommending a particular investment over another. The sale of securities to non-qualified investors is a serious breach of securities legislation, and can lead to having your registration terminated, the trade being unwound and even the firm’s registration being suspended. Read: 3 compliance commandments An audit review can be a useful tool to determine how effective you are in adhering to securities legislation. Still, don’t wait for regulators to come knocking. Perform an internal audit, which includes an annual review of your policies and procedures manual, all NRD profiles, and a random sample of client accounts. by Jonathan Heymann, president of Wychcrest Compliance Services Inc. (www.wcompliance.ca), a consulting firm specializing in securities compliance and registration. Save Stroke 1 Print Group 8 Share LI logo