Risk & compliance officers in Canada will need to make a running start into the new decade to keep up with the challenges from a regulatory landscape in flux
Canadian regulators are in the midst of a modernization reshuffle that may have significant implications for all market participants.
Numerous rule changes introduced in 2019 are expected to take effect this year; moreover, potentially destabilizing non-financial risks involving technology and geopolitics are expected to further complicate matters for Canadian firms. Financial firms, guided by board members and senior management, will be expected to quickly adapt to new rules introduced in 2019 and meet ever-intensifying regulatory expectations where best practice is now regarded as industry standard.
Here is an overview of key areas that risk and compliance officers will have to tackle, challenge, and change in 2020:
Proliferation of Non-Financial Risks
Conduct risk, extreme weather events, and technology risk are increasingly being seen as systemic vulnerabilities by Canadian regulators.
Cyber-resilience is one particular area where multiple regulators and self-regulatory organizations will be paying close attention. For example, the Office of the Superintendent of Financial Institutions has highlighted cyber-resilience as one of its four main regulatory priorities for the next few years. Separately, the Investment Industry Regulatory Organization of Canada (IIROC) is expected to closely monitor how member-dealers comply with new rules on mandatory cyber-incident reporting.
Indeed, Canadian businesses may also be exposed to significant geopolitical risk this year and will need to calibrate mitigation measures with care. Overall, firms will be expected to demonstrate to regulators that they can manage and respond to non-financial risks in a manner that minimizes business disruptions and maintains public confidence in financial markets.
Rising Standards of Consumer Protection
Regulators are using both enforcement and policy to compel firms to pivot towards a more consumer-centric focus.
On the policy side, fee-based compensation and related disclosure obligations will rank high on the supervisory agenda for securities regulators next year. IIROC and provincial securities regulators are paying close attention to industry compliance efforts with recent reforms under the second phase of the client relationship model that are designed to improve the quality of disclosures regarding investment performance and fees. Further, most provinces are expected to ban two types of embedded commissions next year: upfront sales commissions and trailing commissions.
On enforcement, the Ontario Securities Commission (OSC) is aggressively pursuing disciplinary action against violations considered contrary to public interest. Over the past year, the regulator has cracked down on repeat offenders, focused on failures to supervise, and successfully sanctioned offshore firms for contraventions deemed to pose risks to investors in Ontario. These actions send a clear message that the OSC expects businesses to uphold Ontario standards for financial consumer protection.
In addition, Canadian financial regulators are expected to keep consumer protection in focus as they further refine regulatory frameworks for virtual assets. An ongoing legal dispute involving Quadriga Fintech Solutions has exposed gaps in regulatory oversight in the cryptocurrency industry that could spur policy action.
Areas where firms dealing in virtual assets should expect their practices to be scrutinized include governance and accountability, personal data protection, virtual assets custody, anti-money laundering (AML), business continuity planning and succession, and cyber-resilience.
New Rules on Multiple Fronts
Several policies introduced in 2019 will come into effect this year. Many of these new rules will require firms to make significant changes to their compliance programs.
A myriad of changes are expected to challenge Canadian AML compliance officers in 2020, and numerous changes to AML reporting requirements — from suspicious transaction reporting to electronic funds transfers — will come into effect in mid-2020.
Starting in 2020, all public corporations under the Canadian Business Corporations Act will be required to disclose details on diversity initiatives to shareholders at every annual meeting, giving investors an opportunity to grill businesses about how their diversity policies are being put into practice.
Meanwhile, ongoing efforts such as the OSC’s burden-reduction initiative and interest rate benchmark reform will churn on throughout the year, possibly resulting in changes in compliance obligations for businesses. Overall, firms will face pressure to adapt to this shifting regulatory environment and demonstrate that they are fully compliant with new requirements.
Indeed, a busy year lies ahead. Risk and compliance officers in Canada will be challenged to apply their expertise to virtually every aspect of an organization’s operations and be truly inter-disciplinary.