Financial and Operations Compliance · 1. “The PM that manages and provides advice on my...
Transcript of Financial and Operations Compliance · 1. “The PM that manages and provides advice on my...
Financial and Operations ComplianceCurrent Issues
FOAS Annual ConferenceKelowna, BCSeptember 9, 2017
FINOPs Current IssuesAgenda
• Cybersecurity initiatives
• CRM2 implementation
• Service Arrangements with Portfolio Managers (PM)
• Agency Security Borrowing and Lending Arrangements
2
FINOPs Current IssuesCybersecurity Initiatives
• Self-assessments
• Cybersecurity report cards
• Follow-up visits on moderate-to-high risk dealer members
• Include cybersecurity in FINOPs risk assessment model
• Table-top exercise planned to help small dealers improve threat and incident response management
• Ad hoc alerts (i.e. WannaCry, Golden Eye, PetyaRansomeware viruses)
3
FINOPs Current IssuesNational Institute of Standards and Technology Framework
4
Cyber Threat Intelligence
Security Event monitoring
Authentication
Identity Lifecycle Management
Forensics
Secure Software Development
Lifecycle
Network Security
System / Device Security
Brand Protection
Cyber Attack Readiness Testing
User Behavior Analytics
Patch & Vulnerability Management
Malware Protection
Business Continuity Management
Physical Security
Application Security
Security Analytics
Information Protection
Incident Management
Identity & Access
Management
Application Protection
Infrastructure Protection
Threat Management
Cybersecurity Management
Governance Prevent Detect Respond/Recover
Roles and Rights Management
Training & Awareness
Risk Management & Compliance
HR Security
Cyber Insurance
Third Party Risk Management
Policies & Standards
Domains
Information Classification
Data Privacy
Data Loss Prevention
Encryption
Information Lifecycle
ManagementNetwork & System
Analytics
Security Incident Response
FINOPs Current IssuesCybersecurity Recommendations
5
FINOPs Current IssuesCRM2 Implementation
• Effective July 15, 2016
• New reporting
• Internal working group FAQs
• Exemptions
• Rollout issues
• March 6, 2017 broadcast email
6
FINOPs Current IssuesCRM2 Implementation
• Survey results…
o What 12-month reporting period was selected?
o Were reports sent within 10 days after client account statements?
o How did you ensure accuracy?
o Were control accounts used?
o What issues were encountered in the implementation, preparation and issuance of these reports?
7
FINOPs Current IssuesCRM2 Implementation
• Current examination approach
• Review reports for proper disclosure
• Review exemptions granted for compliance
• Common deficiencies
8
FINOPs Current IssuesService Arrangements with PMs
• CSA Staff Notice 31-347 recommendations
• CIPF FAQs
• IIAC best practices service agreement
• IIROC action plan
9
FINOPs Current IssuesService Arrangements with PMs - Recommendations
10
Portfolio Investment Management Agreement
CSA Portfolio Manager
(PM)
IIROC Dealer Member
(DM)
Service Provider
Trade Execution / Clearing+
Statement of Customer Holding
Trade orders
Month-end customer account statements (with CIPF coverage)
Trade activity reporting
PM / DM Services Agreement – Provide roles and
responsibilities
Customer statement reporting and written disclosure of arrangement
PM holding any securities must issue statement
Individual customer account documentation
- KYC Name and address- PM account trading authority
Clients
PM must maintain own system of customer records to comply NI31-103 customer statements.
• PM should reconcile own trade order records to DM trade activity reports.
• PM should reconcile customer custody holdings as reported by DM to own records.
FINOPs Current IssuesService Arrangements with PMs - CIPF FAQs
1. “The PM that manages and provides advice on my investments is not a CIPF member, but the investment dealer holding my investments is a CIPF member. Does CIPF coverage apply if my PM becomes insolvent?” Answer is NO
2. “Can a CIPF member, who enters into an agreement with a PM to provide custodial services to the PM and its clients, provide the PM’s contact information on its account statements?”
Answer is YES
11
FINOPs Current IssuesService Arrangements with PMs –Agreement
12
• Status of IIAC best practices agreement
• Roles and responsibilities must be clearly defined
FINOPs Current IssuesService Arrangements with PMs – Action Plan
13
• Ensure service agreement is in place
• Ensure appropriate CIPF disclosure is on client statement
• Obtain confirmation from Dealer Member that PM has its own books and records
• CRM2 exemption for custodial accounts is not automatic; Dealer Member must apply for exemption
FINOPs Current IssuesAgency Securities Borrowing and Lending
Traditional Agent Equivalent to Principal Arrangement
14
AGENT(e.g. BONY, State Street, Blackrock)
DEALER MEMBER(Borrower)
Collateral sent to AgentBorrowed securities sent to Dealer Member
Lenders provide securities to Agent
LENDER(pension fund)
LENDER(pension fund)
LENDER(pension fund)
FINOPs Current IssuesAgency Securities Borrowing and Lending
Main reason for industry shift to collateral management arrangements is operational efficiency
15
AGENT
Dealer Member(Borrower)
Collateral Held at Custodian(also send Collateral Mark Instructions)
Borrowed securities sent to Dealer Member
Custodian(e.g. JP Morgan)
Collateral Mark Instructions
Request to borrow securities
AGENT
AGENT
Lenders provide securities to Agent
LENDER(pension fund)
LENDER(pension fund)
LENDER(pension fund)
FINOPs Current Issues
16
Thank you, that ends our presentation.
Questions