The Canadian Investment Regulatory Organization (CIRO) published its Annual Compliance Report 2026, setting out emerging compliance challenges and common examination findings to help dealers target supervision and risk management in line with CIRO requirements. Key themes include managing risks from emerging technologies, with the report highlighting increased cybersecurity incident reports linked to third-party service providers and emphasizing continuous staff training alongside remediation of cybersecurity findings. It notes continued onboarding of Crypto Asset Trading Platforms into CIRO membership and points to CIRO guidance on a Digital Assets Custody Framework covering standardized custody arrangements and segregation requirements, alongside the InnovateSafe regulatory sandbox. CIRO also signals it will inquire into dealers’ use of artificial intelligence and review related operational controls as part of Financial and Operations compliance examinations. On core compliance frameworks, the report directs dealers to findings from the CSA-CIRO Client Focused Reforms Phase 2 Sweep covering Know Your Client, Product Due Diligence, Know Your Product and suitability assessments, where the most common deficiency was policies and procedures that were not sufficiently tailored, detailed and actionable. Additional recurring issues included supervisory gaps for outside activities and non-approved client communication channels, weaknesses in conflicts of interest identification and disclosure, concerns with daily and monthly trade supervision systems, and deficiencies in controls over referral arrangements. The report also updates on the delegation of registration functions, noting CIRO now handles registration for the majority of individuals in Canada’s securities industry, and reminds dealers to submit complete registration information and implement processes aligned with CIRO’s assessment-centric proficiency model to ensure timely training completion and reporting.

Original source View in tracker