The Canadian Investment Regulatory Organization (CIRO) published its Annual Compliance Report to help dealer members identify emerging compliance challenges and adjust supervision and risk management to meet CIRO requirements. The report prioritises technology-related risks across the investment ecosystem and notes that CIRO has integrated its internal compliance team structure and harmonised compliance programs as part of its 2025 strategic priorities. Key areas include cybersecurity, where firms must report qualifying incidents and maintain appropriate controls, with the report highlighting an increase in incident reports involving third-party service providers. It also covers the continued onboarding of Crypto Asset Trading Platforms into CIRO membership and calls for a top-down, risk-based compliance approach given higher inherent risks, alongside monitoring evolving expectations as CIRO and the Canadian Securities Administrators adapt to changes in the crypto ecosystem. Additional focus areas include implementing robust controls and conducting regular reviews for algorithmic trading, and maintaining clear policies, procedures and books and records for business use of social media by Approved Persons.
Canadian Investment Regulatory Organization 2025-01-31
Canadian Investment Regulatory Organization publishes Annual Compliance Report on technology risk management and integrated compliance oversight
The Canadian Investment Regulatory Organization (CIRO) released its Annual Compliance Report, highlighting technology-related risks and the integration of its compliance team structure. Key areas include cybersecurity, with increased incident reports involving third-party providers, and the onboarding of Crypto Asset Trading Platforms, urging a risk-based compliance approach. The report also stresses robust controls for algorithmic trading and clear policies for social media use by Approved Persons.