Investor Alert:
CIRO is issuing a warning to Canadian investors regarding Canada Token Trade.
To enhance market integrity and investor protection, IIROC is publishing for comment proposed amendments (Proposed Amendments) to UMIR and the Dealer Member Rules (DMR) that would require client identifiers on:
Dealer Members would need to provide client identifiers using:
In order to better address the risks of electronic trading, the Proposed Amendments would also require unique client identifiers for clients of a foreign dealer equivalent whose orders are entered under a routing arrangement and are automatically generated on a predetermined basis. In this case, the Participant would need to provide the:
In addition to client identifiers, the Proposed Amendments would introduce designations under UMIR 6.2(1)(b) to flag the following activity on a marketplace:
In light of the proposed designations above, the Proposed Amendments would remove the current identifier requirements for DEA, RA, and certain OEO clients.
IIROC acknowledges that the impacts of the Proposed Amendments on Dealer Members, marketplaces, investors and vendors may be significant. We expect these impacts would include:
As part of the comment process, we are requesting specific comments on the following aspects of the Proposed Amendments:
The text of the Proposed Amendments is set out in Appendix “A” and a blackline of the changes is set out in Appendix “B”.
IIROC is publishing the Proposed Amendments to solicit comments on the best approach to expand the use of client identifiers to improve the risk management, surveillance and investigatory capabilities of regulators.
In order to garner further comment and feedback on the Proposed Amendments, IIROC will strike a consultation committee to assist in:
We ask all parties interested in participating in the consultation committee to contact Theodora Lam at [email protected] by June 19, 2017.
Upon reviewing and responding to any public comments and consultation committee input on the Proposed Amendments, we will bring a revised proposal to our Board for approval and publish the revised proposal for an additional comment period before implementing any proposed changes.
We request comments on all aspects of the Proposed Amendments, including any matter that they do not specifically address. Comments on the Proposed Amendments should be in writing and delivered by November 13, 2017 to:
Theodora Lam
Policy Counsel, Market Regulation Policy
Investment Industry Regulatory Organization of Canada
Suite 2000
121 King Street West
Toronto, Ontario M5H 3T9
e-mail: [email protected]
A copy should also be provided to the CSA by forwarding a copy to:
Market Regulation
Ontario Securities Commission
Suite 1903, Box 55
20 Queen Street West
Toronto, Ontario M5H 3S8
e-mail: [email protected]
Commentators should be aware that a copy of their comment letter will be made publicly available on the IIROC website at www.iiroc.ca. A summary of the comments contained in each submission will also be included in a future IIROC Notice.
In October 2014, we committed to looking at whether expanding the use of client identifiers in the form of an LEI or another account identifier would be appropriate.1 We believe that expanding the use of client identifiers is appropriate. IIROC is of the view that publishing the Proposed Amendments for comment is beneficial to stimulate discussion on the best approach to expand the use of client identifiers in the trading of securities to improve the risk management, surveillance and investigatory capabilities of regulators.
To this end, IIROC is proposing to amend UMIR 6.2, DMR 3200, and DMR 2800C to require client identifiers on:
Dealer Members would need to provide client identifiers in the form and manner acceptable to IIROC. This would mean using:
The Proposed Amendments would also require unique identifiers for clients of a foreign dealer equivalent, where orders are sent under an RA and are automatically generated on a predetermined basis by the client. In this case, the Participant would need to provide the:
While the Proposed Amendments would remove current UMIR 6.2(1)(a) requirements for DEA, RA, and OEO identifiers, they would introduce new designations under UMIR 6.2(1)(b) to flag orders sent through these arrangements.
IIROC currently requires the use of client identifiers in certain circumstances. Under UMIR 6.2, Participants must ensure that client identifiers are included for the following activity on a marketplace:
DMR 3200 aligns with UMIR by requiring the use of client identifiers for the same OEO accounts as required under UMIR 6.2(1)(a)(iv).
Under DMR 2800C, Dealer Members must obtain LEIs when reporting principal transactions in debt securities. Client identifiers are currently optional for both the “Customer LEI” and “Customer Account Identifier” fields.
The Proposed Amendments would:
IIROC would expect Dealer Members to ensure that eligible clients obtain LEIs as part of the onboarding process for new clients or as part of its account documentation review required under IIROC rules for existing clients. Once a client has an LEI, Dealer Members would be required to ensure that client LEIs are renewed on an annual basis and do not lapse. A lapse in a client’s LEI would be considered a “material change” in client information under DMR 2500.II.A.5 and DMR 2700.II.4. We would expect Dealer Members to use account numbers as client identifiers for clients not eligible to obtain an LEI.
In addition to client identifiers, the Proposed Amendments would also require new designations to flag orders sent through DEA, RA, and OEO arrangements. We expect that flagging this order activity from these accounts together with the client identifier would improve the transparency of such activity and enhance regulatory capacity.
UMIR 6.2 currently sets out the identifiers that must be contained on each order entered on a marketplace, including the identifier of the investment dealer or foreign dealer equivalent for or on behalf of whom the order is entered under an RA.5
Currently there are certain foreign dealer equivalents under RAs that route orders of multiple clients under one client identifier. However, we have found regulating this activity to be challenging particularly when such client orders:
To better address the risks of electronic trading and to maintain market integrity, IIROC must have the ability to identify and monitor higher-risk client flow that is automatically generated on a predetermined basis.
This is consistent with the IOSCO principles for direct electronic access to markets6 that the CSA has adopted in their electronic trading framework.7 Among others, the IOSCO principles include the disclosure of customer identification in order to facilitate market surveillance.
This proposed change would also level the playing field with current provisions that require unique identifiers for DEA clients who enter orders through DEA to be included on each of their orders and provide IIROC with a similar capacity to surveil this type of trading activity.
In order to address the issues above, we are proposing changes to UMIR 6.2(1) that would require the use of a unique identifier for each end-client of a foreign dealer equivalent who is party to an RA where the end-client automatically generates orders on a predetermined basis. This requirement would not extend to activity entered directly by the foreign dealer equivalent or through the foreign dealer equivalent’s own technology.
IIROC recognizes that Participants may not have access to the identity of the ultimate end-client when the order is entered by a foreign dealer equivalent under an RA and, therefore, this proposed change would not require the disclosure of the name of a beneficial client. Instead, it would merely require that orders from each applicable end-client be distinguished with a unique identifier. This unique identifier would not need to take the form of an LEI or an account number.
The LEI is a unique identification code assigned according to standards set by the Global Legal Entity Identifier System (GLEIS). LEIs are universal identifiers that can be used across firms, assets, and jurisdictions. There are no materiality thresholds for issuing LEIs. Each legal entity only receives one LEI, which should be used in all corporate events and transactions. Any party to a financial transaction is eligible to obtain an LEI, with the exception of natural persons. Examples of legal entities eligible to obtain an LEI include:
Inquiries regarding LEI eligibility and the process of obtaining an LEI should be directed to the Local Operating Unit (LOU), which serves as local implementers of the global LEI system.10 In Canada, CDS Clearing and Depository Services Inc. is an LOU sponsored by the Ontario Securities Commission.11
Accessing the infrastructure developed and maintained by the Global Legal Entity Identity Foundation (GLEIF) may be a cost-effective and administratively expedient alternative to Dealer Members creating, funding, and supporting a new system of issuing, verifying, and administering client identifiers. The GLEIF maintains the LEI reference database, which is freely accessible to the public. The data quality and accuracy of LEIs are supported and maintained by LOUs, which must be accredited by the GLEIF and are governed by service level agreements between the GLEIF and LOUs. In issuing LEIs to legal entities, LOUs verify application data against reliable sources. Legal entities must provide accurate and up-to-date information which is reviewed annually by LOUs.
Client identifiers are currently required in various requirements pertaining to derivatives trading in Canada. In Ontario, OSC Rule 91-507 Trade Repositories and Derivatives Data Reporting requires eligible counterparties participating in transactions reportable under the rule to obtain, maintain and renew an LEI.12 If a counterparty is not eligible to receive an LEI, it must be identified with an alternate identifier. Similar requirements are included in Multilateral Instrument 96-101 Trade Repositories and Derivatives Data Reporting,13 Regulation 91-507 respecting Trade Repositories and Derivatives Data Report14 in Québec and Manitoba Securities Commission Rule 91-507 Trade Repositories and Derivatives Data Reporting.15
Other jurisdictions have also moved to require client identifiers. This is largely driven by the desire to enhance transparency in order to improve the risk management, surveillance and investigatory capabilities of regulators.
Under MiFID II and MiFIR, investment firms in the EU must report transactions of the purchase or sale of financial instruments to national competent authorities.16 Client identifiers are a piece of information to be reported, including LEIs where applicable,17 or natural person identifiers18 for clients that are not eligible to obtain an LEI. The report must also specify the person or entity responsible for the investment decision, including the use of an algorithm. Where an algorithm is the primary decision-maker for the investment decision, it must be identified using a unique and consistent code. Investment firms must send their transaction reports on a T+1 basis directly to the national competent authorities. While investment firms have the option of asking other parties (e.g. approved reporting mechanisms or trading venues) to submit the report on their behalf, they retain the responsibility for the completeness, accuracy, and timeliness of the report.19 The transaction reporting obligations under MiFID II and MiFIR will come into effect in January 2018.20
The U.S. Securities and Exchanges Commission (SEC) approved the Consolidated Audit Trail National Market System Plan (CAT NMS Plan) on November 15, 2016. Under the CAT NMS Plan, self-regulatory organizations (SROs) and their members must send order and trade data in NMS equities and options to a central repository. Customer identification is part of the information that must be reported. The definition of “customer” includes both the account holder and the individual with authority to give trading instructions.21 SEC Rule 613(j)(5) states that broker-dealers may report using a Customer-ID, that being a code that uniquely and consistently identifies the customer for the purposes of providing data to the central repository.22 While a Customer-ID does not need to be attached to every order and trade, SROs must develop a proposal where regulators can access data in a linked fashion so that each order, and all subsequent reportable events, can be traced back to the customer through its Customer-ID.23 Where a legal entity has an LEI, it must be reported as part of the customer identifying information.24 While the CAT NMS Plan has not imposed the mandatory use of LEIs, SEC Commissioner Kara M. Stein has stated that “this will leave regulators and industry participants near-sighted and unable to figure out important interconnections or identify exposures between financial firms” and urged exchanges and FINRA to provide a report on the feasibility of mandating the use of LEIs for industry members and customers.25
In addition to the Customer-ID, the CAT NMS Plan also requires broker-dealers to report Customer Account Information to the central repository upon receiving or originating an order.26 The Customer Account Information includes the account number, account type, customer type, date when account was opened (or in some circumstances, the effective date of the account), and the Large Trader Identifier (LTID)27 if applicable. To protect the confidentiality of customer information, SEC Rule 613(e)(4) requires the plan processor to use policies and procedures that ensure security and confidentiality of all information reported to the central repository.28 Plan sponsors must protect customer information, which may include the encryption of such data.29
The CAT NMS Plan requires reporting to be done on a T+1 basis.30 Reporting under the CAT NMS Plan will be required as follows:
We do not currently receive client identity information for each order and trade executed on a marketplace or reported pursuant to Rule 2800C, and the Proposed Amendments would make it significantly easier for IIROC to carry out its public interest mandate. Specifically, requiring the use of client identifiers would enhance IIROC’s ability to perform a range of regulatory functions, including conducting:
Trade analysis initially involves mapping out client identities and linking them to each order and trade on a marketplace, which can be time consuming and inefficient. Currently, we compile data from different sources of information (trade tickets and blotters, trade reports, allocation reports etc.) in order to link client identities to each event on the marketplace. Depending on the length of the period of review, the liquidity of the security, and the number of clients under review, we may have to send multiple information requests to Dealer Members to validate client order activity. This results in delays in reconciling information into a usable form.
We believe the Proposed Amendments would increase IIROC’s efficiency in linking client identities to marketplace activity, as well as reduce the number and size of information requests we send to Dealer Members.
The use of LEIs may also enhance cross-asset surveillance for trading in listed equities as well as OTC fixed income securities. The LEI reference database has Level 1 information and may soon incorporate Level 2 reference data.32 Level 1 reference data includes “business card” information, such as the entity’s legal name and address.33 Level 2 reference data would include information regarding the entity’s corporate hierarchy and affiliations. Access to Level 2 information would increase our visibility into the entity’s relationships as part of its corporate structure and allow us to more quickly link entities to immediate and ultimate parents, subsidiaries, or affiliates. This added transparency would enhance IIROC’s ability to monitor potential market abuses.
Requiring the use of client identifiers would help ensure accuracy and consistency in order information across all marketplaces and in reported debt securities transactions. A current limitation with the regulatory data is that multiple identifiers may be used for the same client. For example, there may be multiple Trader IDs for the same DEA or RA client either at the same Dealer Member or across multiple Dealer Members. Using LEIs would allow IIROC to aggregate information from all accounts held by the same client across different platforms and Dealer Members for surveillance and regulatory purposes.
The CSA and the Bank of Canada also support the Proposed Amendments because the changes would:
The use of LEIs may help Dealer Members manage their internal risk by enabling the cross-asset consolidation of counterparty data. LEIs may also reduce the time and cost in consolidating and verifying data as, currently, a single entity may be identified by different names and codes, across different business lines, asset groups and/or platforms. Using LEIs to aggregate the accounts of the same entity may provide a more holistic picture of client holdings across different accounts and/or platforms. The use of LEIs may also assist in customer due diligence, especially in terms of background searches at the client onboarding stage.
We also expect that more granular client-level data would reduce the size and frequency of regulatory requests and could help Dealer Members process the data requests that they do receive more efficiently.
The use of LEIs, together with DEA and RA identifiers, would also eliminate the need to:
To ensure the confidentiality of client information, IIROC believes that encrypted keys should be used for client identifiers to ensure that the client information is only visible to IIROC. Transaction files containing client identifiers in the trading of debt securities would continue to use the Secure File Transfer Protocol (SFTP), as the information is directly reported to IIROC through each Dealer Member’s reporting gateway and does not pass through a marketplace.
The Proposed Amendments are consistent with other global initiatives regarding the transparency of client identities in the trading of securities. IIROC acknowledges there would be significant effort required by Dealer Members, marketplaces, and investors to achieve compliance with the Proposed Amendments. The purpose of publishing the Proposed Amendments is to solicit comments on the best approach to expand the use of client identifiers to improve the risk management, surveillance and investigatory capabilities of regulators.
We would consider the impacts of the Proposed Amendments when determining the appropriate implementation period. IIROC staff believe the implementation effort required is proportionate to the regulatory benefit of increased market integrity and investor protection through enhanced oversight and supervision capabilities, however, we think it is important to fully understand the implementation impact of the Proposed Amendments.
As part of the comment process, we are specifically asking for comments from stakeholders regarding implementation impacts, costs, and alternative approaches for consideration that would deliver the same regulatory benefits. These comments are important to develop a full understanding of the impacts, which will assist in determining the implementation timeline and process.
In order to garner further comment and feedback on the Proposed Amendments, IIROC will also strike a consultation committee to assist in identifying issues and providing recommendations with respect to expanding the use of client identifiers. We ask all parties interested in participating in the consultation committee to contact Theodora Lam at [email protected] by June 19, 2017.
Upon reviewing and responding to any public comments and consultation committee input on the Proposed Amendments, we will bring a revised proposal to our Board for approval and publish the revised proposal for an additional comment period before implementing any proposed changes.
The Proposed Amendments would affect surveillance and operations at IIROC. Specifically, IIROC would need to:
The Proposed Amendments would affect Dealer Members and marketplaces. Its impacts may vary based on the implementation plan. Possible impacts include:
The Proposed Amendments may affect investors in that certain eligible investors may be required to apply for LEIs in order to trade on a marketplace or in debt securities. Impacts on investors eligible to obtain LEIs would include:
While we request comment on all aspects of the Proposed Amendments, we specifically request comment on the following questions:
For example, FIX fields that may be considered to capture the information above may include:
What other FIX fields or tags should we consider?
The Proposed Amendments would:
The Board of Directors of IIROC (Board) has approved the publication of the Proposed Amendmentsfor public comment.
The Market Rules Advisory Committee (MRAC) considered this matter as proposed in concept by IIROC staff. MRAC is an advisory committee comprised of representatives of each of: the marketplaces for which IIROC acts as a regulation services provider, Participants, institutional investors and subscribers, and the legal and compliance community.35
After considering the comments on the Proposed Amendments received in response to this Request for Comments together with any comments of the CSA, we will re-submit the proposed amendments to the Board for approval for republication for an additional comment period.
Appendix A – Text of DMR/UMIR Proposed Amendments
Appendix B – Blackline of DMR/UMIR Proposed Amendments