Provisions Respecting Third-Party Electronic Access to Marketplaces

1. Background to the Amendments

1.1 Domestic and International Regulation

1.1.1 Framework for Regulation of Direct Electronic Access to Marketplaces 

Requirements relating to the grant of direct access to a marketplace, previously generally known as “direct market access” or “DMA” were originally established under the rules of the exchanges and in the policies and contractual provisions of ATSs with their subscribers6. It was recognized, however, that a uniform regulatory framework for the provision of DMA was desirable and would appropriately reside with regulators of the marketplaces and Participants granting direct electronic access.  In this regard, proposed amendments to the CSA Trading Rules were initially issued concurrent with proposed amendments to UMIR concerning “dealer-sponsored access”, that were intended to clarify the obligations of Participants, Access Persons and marketplaces regarding direct access7. While these proposals were later withdrawn given a re-examination of the risks related to direct electronic access, this lead to the formulation of the CSA Access Rule and Amendments respecting third-party electronic access to marketplaces8.    

The CSA Access Rule and the Amendments create a new, more robust and comprehensive regulatory framework for third-party electronic access to marketplaces and take account of regulatory developments in other jurisdictions9 concerning electronic trading and access to marketplaces. The framework is aligned with the principles expressed in the Final Report prepared by the International Organization of Securities Commissions (“IOSCO”) entitled Principles for Direct Electronic Access to Markets, in August, 2010 (the “IOSCO DEA Report”)10.

The IOSCO DEA Report principles adopted in the CSA Access Rule and the Amendments include:

• Minimum DEA Customer Standards that firms must maintain procedures to ensure clients have appropriate financial resources and are familiar with, and comply with, the rules of the market and have knowledge of and proficiency in the use of the order entry system;
• Legally Binding Agreement between the firm providing access and the DEA customer;
• Intermediary’s Responsibility for Trades and for all orders under its authority, as well as for compliance with all regulatory requirements and market rules;
• DEA Customer Identification which firms must disclose to market authorities in order to facilitate market surveillance; and
• Intermediaries should use controls, including automated pre-trade controls, which can limit or prevent a DEA customer from placing an order that exceeds an intermediary’s existing position or credit limits and have adequate operational and technical capabilities to appropriately manage the risks posed by DEA.

The CSA Access Rule also builds on the obligations outlined in Section 11.1 of National Instrument 31-103 Registration Requirements, Exemptions and Ongoing Registrant Obligations (“NI 31-103”) under which a registered firm must establish, maintain and apply policies and procedures that establish a system of controls and supervision sufficient to:

• provide reasonable assurance that the firm and each individual acting on its behalf complies with securities legislation; and
• manage the risks associated with its business in accordance with prudent business practices.

With the CSA Access Rule and the complementary Amendments, a common set of requirements applies across all marketplaces to govern Participants providing electronic access to marketplaces that have retained IIROC as their regulation services provider. The regulatory framework is designed to facilitate trading in a multiple marketplace environment and protect market integrity given the increased risks inherent in the use of complicated technology and strategies, including high frequency trading strategies, which may be associated with third-party electronic access to marketplaces.

1.1.2 Relationship between the Amendments and the Framework for Regulation of Electronic Trading

The provisions of NI 23-103 and its Companion Policy (23-103 CP) related to electronic trading requirements (the “ETR”)11 were published in final form on September 20, 2012 and came into effect on March 1, 2013, together with the UMIR ETR that align with the requirements of the ETR12.

The ETR govern the risk controls, policies and procedures that marketplace participants and marketplaces must implement in regard to electronic trading. The UMIR ETR introduced new provisions detailing the responsibilities of Participants and Access Persons with respect to the supervision of electronic trading.  These provisions align UMIR with the requirements set out in the ETR applicable to “market participants” which includes both Participants and Access Persons under UMIR.  In particular, the UMIR ETR:

• expand the existing supervisory requirements for trading to specifically include the establishment and maintenance of risk management and supervisory controls, policies and procedures related to access to one or more marketplaces and/or the use of an automated order system;
• permit, in certain circumstances, a Participant to authorize an investment dealer to perform on its behalf the setting or adjustment of a risk management or supervisory control policy or procedure to an investment dealer by a written agreement; and
• impose specific gatekeeper obligations on a Participant who has authorized an investment dealer to perform on its behalf the setting or adjustment of a risk management or supervisory control policy or procedure to an investment dealer.

The ETR and the UMIR ETR are consistent with the CSA Access Rule and Amendments in that Participants that provide third-party electronic access:

• must adopt risk management and supervisory controls, policies and procedures that are reasonably designed to ensure that all orders, including those that may be entered by third-party electronic access, are monitored prior to entry to a marketplace and post-trade;
• may authorize an investment dealer in a routing arrangement to perform on the Participant’s behalf the setting or adjustment of a specific risk management or supervisory control, policy or procedure under certain circumstances; and
• must have an appropriate level of understanding, ongoing testing and appropriate monitoring of any automated order systems in use by a third party that is provided electronic access to a marketplace by a Participant.

These provisions effectively prohibit Participants from providing “naked” or unfiltered third-party access to a marketplace, preclude the authorization to set or adjust a Participant’s controls to a third party with access except as permitted under a routing arrangement, and require that Participants act as gatekeepers to prevent orders entered by third-party electronic access from interfering with fair and orderly markets.

1.2 Pre-existing UMIR Trading Supervision Requirements for Direct Access to Marketplaces

Trading supervision requirements related to direct electronic access to marketplaces have been addressed in Rule 7.1 and Policy 7.1 of UMIR, in the context of marketplace requirements governing direct access.  Currently, Rule 7.1 establishes trading supervision obligations which Participants must follow, including:

• adopting written policies and procedures to be followed by directors, officers, partners and employees of the Participant that are adequate, taking into account the business and affairs of the Participant, to ensure compliance with UMIR and each Policy; and
• complying, prior to the entry of an order on a marketplace, with:
  • applicable regulatory standards with respect to the review, acceptance and approval of orders,
  • the policies and procedures adopted, and
  • all requirements of UMIR and each Policy.

Policy 7.1 elaborates on the responsibility of Participants for trading supervision and compliance, including for orders entered on a marketplace without the involvement of a trader as the client maintains a “systems interconnect arrangement”, in accordance with marketplace requirements.  Policy 7.1 directs that the obligation to supervise:

• applies to the Participant whatever the means with which an order is entered on a marketplace, including if entered directly by a client and routed to a marketplace through the trading system of the Participant; and
• requires adequate supervision policies and procedures to address the potential additional risk exposure with orders not directly handled by the Participant but which are the Participant’s responsibility.

The supervision requirements in UMIR were supplemented by guidance concerning supervision of persons with “direct access”13 which noted a Participant providing direct access was not relieved from any obligations under UMIR with respect to the supervision of trading activities by a “direct access client” and retained full responsibility for any order entered by a direct access client, even though that order would be electronically routed to the marketplace.  The policies and procedures of a Participant were mandated to specifically address the additional risk exposure which the Participant had for orders not directly handled by the Participant prior to the entry on a marketplace.

Additional guidance14 was issued setting out regulatory expectations concerning compliance and supervision obligations under Policy 7.1 of UMIR in regard to:

• order execution services provided to a client that is a Retail Customer (an “order execution client”);
• dealer-sponsored access services or direct market access provided to a client, excluding order execution clients; and
• algorithmic trading. 

The guidance provided to Participants was substantially similar for both order execution service and DMA client streams and emphasized that:

• the source of, or means with which, an order is entered does not relieve a Participant of responsibility for, and the supervision of, such orders including:
  • the detection of UMIR violations, and
  • implementation of systems reasonably designed to prevent the entry and execution of “unreasonable” orders and trades on a marketplace whether the Participant, or a DMA client of the Participant, is using an algorithmic trading system, and
• the Dealer Member Rules applicable to order execution services or institutional DMA clients15 would not alter or relieve a Participant from any obligations under Policy 7.1.

Enforcement cases that have been taken by IIROC under Rule 7.1 and Policy 7.1 have reinforced the requirement of a Participant to properly supervise “DMA trading”16, holding that Participants that provide DMA retain the ultimate responsibility for any order entered and to ensure that trading supervision obligations under UMIR are met.

2. Discussion of the Amendments

The following is a summary of the principal components of the Amendments which are set out in this notice at Appendix A with respect to UMIR amendments and Appendix B with respect to Dealer Member Rule amendments.

2.1 Regulatory Framework for Third-Party Electronic Access to Marketplaces

The CSA Access Rule established new terminology and a definition of electronic access to marketplaces called “direct electronic access” or “DEA”, premised on the Participant as provider of, and primary gatekeeper to, direct electronic access. The third-party electronic access provisions in UMIR go beyond the provisions in the CSA Access Rule to address the other identified types of electronic access to marketplaces provided by a Participant to a third-party, namely “routing arrangements”17 and “order execution services”, given the similar risks they may bring to the Participant and the market. The CSA Access Rule’s requirements respecting the provision of direct electronic access do not apply to Participants that comply with requirements established under the Amendments18.

Consistent with the DEA definition in the CSA Access Rule, the Amendments adopt the following definition of the term in UMIR:

“direct electronic access” means an arrangement between a Participant that is a member, user or subscriber and a client that permits the client to electronically transmit an order relating to a security containing the identifier of the Participant:

1. through the systems of the Participant for automatic onward transmission to a marketplace; or
2. directly to a marketplace without being electronically transmitted through the systems of the Participant.

The definition of direct electronic access uses the term “arrangement” to connote the set of obligations, standards and terms that a Participant must undertake and adopt under UMIR 7.13 and related Rules, consistent with the CSA Access Rule, as a condition for granting direct electronic access to a client. It also clarifies that electronic transmission by a client of an order containing the Participant’s identifier to a marketplace is DEA whether or not the client’s order is transmitted through the Participant’s own technology systems infrastructure or through the technology systems of a service provider that has been retained by the Participant.

The Amendments provide a suitability exemption in Dealer Member Rule 1300.1 for certain Retail Customers who may be granted DEA in accordance with the principles expressed by the CSA in NI 23-10319 and in Part 9 of Policy 7.1 of UMIR.  While generally providing a greater scope of potential DEA clients, the requirements do not permit a Participant to grant DEA to a dealer under applicable securities legislation.

In addition, the “DEA-like” trading arrangements which enable an investment dealer20 or client to send orders to a Participant electronically in a similar manner as a DEA client are defined as follows in the Amendments:     

• “routing arrangement”, being an arrangement under which a Participant that is a member, user or subscriber permits an investment dealer or a foreign dealer equivalent21 to electronically transmit an order relating to a security containing the identifier of the Participant:

1. through the systems of the Participant for automatic onward transmission to a marketplace; or
2. directly to a marketplace without being electronically transmitted through the systems of the Participant; and

“order execution service”, being a service that meets the requirements, from time to time, under Dealer Member Rule 3200.

The following diagram outlines the regulatory framework, discussed below, for third-party electronic access to marketplaces: 

In IIROC’s view, routing arrangements and order execution services pose similar systemic risks to DEA.  All three arrangements for access to a marketplace require the electronic transmission of orders directly to a marketplace.  Accordingly, the intention of the Amendments is to ensure that each arrangement with a Participant for electronic access to a marketplace is appropriately supervised and regulated. 

The Amendments provide for similar requirements to govern routing arrangements and DEA, in UMIR 7.13, supplemented by certain new requirements related to the provision of order execution services under Dealer Member Rule 320022.

As with the definition of direct electronic access, the definition of a routing arrangement connotes the set of obligations, standards and terms that a Participant must undertake and adopt as set out under UMIR 7.13 and related Rules, as a condition for entering into a routing arrangement.  It also similarly provides that orders may be entered on a marketplace using the identifier of the Participant whether electronically transmitted through the technology systems of the Participant or through the technology systems of a service provider retained by the Participant.

When an order is transmitted through a routing arrangement, the Participant retains responsibilities and obligations for the order under UMIR, and, in particular, the order will remain subject to the risk management and supervisory controls, policies and procedures that the Participant must adopt in accordance with the UMIR ETR.

In order to allow Participants to provide Retail Customers with direct electronic access if suitable, the Amendments have changed Dealer Member Rules 1300.1 and 3200 as follows:  

• Dealer Member Rule 1300.1 allows a Dealer Member (Participant) to accept or transmit orders for a client who has been granted DEA, without being subject to the suitability obligations that would otherwise apply for acceptance of orders, as long as the Dealer Member:
  • first determines that DEA is suitable for the client;
  • complies with any UMIR provisions relating to the granting of DEA; and
  • does not provide any recommendations to the Retail Customer.
• Dealer Member Rule 3200 clarifies that a Dealer Member offering an order execution service must not allow its clients to:
  • use their own automated order system to generate orders to be sent to the Dealer Member or send orders to the Dealer Member on a pre-determined basis; or
  • manually send orders or generate orders to the Dealer Member that exceed the threshold on the number of orders as set by IIROC from time to time.

It should be noted that access to marketplaces may also be gained, indirectly, by those clients or registrants using an advisor or trader to enter transactions on their behalf for execution on a marketplace. Due to its structure, an advisory account would not be subject to these requirements. The general suitability assessment requirements, and related exemptions, are set out in Dealer Member Rule 1300.1. The manner by which suitability is assessed for Institutional Customers23 is set out in Dealer Member Rule 2700.

2.2 Regulation of “Direct Electronic Access” and “Routing Arrangements”

2.2.1 Arrangements for Access between Participants and Clients, Investment Dealers and Foreign Dealer Equivalents

The Amendments add Rule 7.13 to address the requirements for a Participant that is a member, user or subscriber to provide DEA to a client or enter into a routing arrangement with an investment dealer or foreign dealer equivalent. As with the CSA Access Rule, Rule 7.13 does not prescribe an “eligible client list” of types of clients able to have DEA. This approach is different from that under marketplace rules and policies governing DMA (which generally included various foreign and domestic institutions or registrants as well as clients trading through an order execution service). Rather, the Rule sets minimum standards for provision of DEA, consistent with other jurisdictions, and allows for a wider scope of potential DEA clients. 

However, Rule 7.13 prohibits Participants from providing DEA to clients acting and registered as dealers (consistent with the CSA Access Rule) and instead permits a Participant to enter into a routing arrangement with an investment dealer or a foreign dealer equivalent, subject to the same minimum standards as for direct electronic access.  This restriction is intended to prevent regulatory arbitrage with respect to trading and encourage dealers that are not investment dealers wishing to have direct electronic access to a marketplace to become a member of IIROC (and be subject to the Dealer Member Rules and, in certain cases, UMIR). Foreign dealer equivalents that are also registered as exempt market dealers (“EMD”) are permitted to enter a routing arrangement with respect to order flow that it handles only in its capacity as a foreign dealer equivalent.

While sharing similar risks and having similar requirements under Rule 7.13, a distinction between a Participant’s provision of DEA to a client and a Participant’s routing arrangement with an investment dealer or foreign dealer equivalent was made in order to segregate Dealer Member firms with agency order flow over which IIROC has jurisdiction or firms with an equivalent business in a foreign jurisdiction, from non-dealer clients with direct access and non-registrant foreign dealer equivalents when trading proprietarily (who would generally not be subject to IIROC’s jurisdiction, unless the DEA client is also a subscriber to an ATS and therefore an Access Person for the purposes of UMIR).  

In addition, UMIR had not previously specifically addressed the risks of electronic access granted to an investment dealer. The routing arrangement definition formally establishes a new category of electronic access to marketplaces and recognizes the existing grants of electronic access to a marketplace from Participants to:

• other Participants24;
• investment dealers that are not a member of an Exchange, user of a QTRS or subscriber to an ATS25; and
• foreign dealer equivalents.

DEA and routing arrangements both rely on the Participant providing access to act as gatekeeper, according to prescribed minimum standards in UMIR, for the provision of access. The regulatory framework is accordingly consistent with marketplace DMA rules and policies to the extent that the Participant is responsible for compliance with the requirements respecting the entry and execution of orders transmitted electronically by DEA or a routing arrangement to the marketplace.

Under the Amendments, the new suitability exemption provided in Rule 1300.1 applies for orders accepted from or transmitted for any client with DEA as long as, among other things, the Dealer Member has determined that providing DEA to the client is suitable for that client. There are two additional conditions a Dealer Member must meet in order to be exempt from the suitability requirements applicable to orders; namely the Dealer Member must:

• not provide any recommendation to any Retail Customers that have been provided with direct electronic access; and
• comply with the rules in UMIR applicable to the direct electronic access service offering and the requirements of NI 23-103.

The prohibition against providing recommendations to Retail Customers is meant as an additional safeguard to mitigate the risk that the Dealer Member may be able to provide recommendations to the Retail Customer and then allow the Retail Customer to use its direct electronic access systems to process the recommended transaction.  Without this condition, the exemption provided would allow a Dealer Member or Registered Representative to make recommendations without being responsible for the suitability of those recommendations, a gap that does not exist under the current regime.  A similar exemption is not introduced for Institutional Customers as IIROC recognizes that when dealing with Institutional Customers, Dealer Members often provide trade recommendations which are acceptable as long as the Dealer Member meets its sophistication assessment suitability obligations with respect to recommendations provided to an Institutional Customer. 

DEA is not, however, intended to be widely applicable to Retail Customers.  Rather, the expectation that Retail Customers will generally not qualify for DEA (and thus not be able to avail themselves of the suitability exemption) is set out in Part 9 of Policy 7.1 of UMIR. The policy also recognizes exceptional circumstances when DEA could be provided to non-institutional investors, including:

• sophisticated former traders and floor brokers; and
• a person or company having assets under administration with a value approaching that of an Institutional Customer that has access to and knowledge regarding the necessary technology to use DEA.

In these circumstances, the Participant must set higher standards than for Institutional Customers to mitigate exposure to undue and higher risk associated with a Retail Customer employing DEA.

The following diagram illustrates a Participant’s potential routing arrangement and DEA client relationships:

2.2.2 Minimum Standards and Written Agreement for DEA and Routing Arrangements

The minimum standards to be established by a Participant providing DEA to a client or in a routing arrangement with an investment dealer or foreign dealer equivalent are included in Rule 7.13 and are comparable to the requirements in the CSA Access Rule.  The standards require that the DEA client, investment dealer or foreign dealer equivalent must:

• have sufficient resources to meet any financial obligations that may result from the use of DEA or the routing arrangement;
• have reasonable knowledge and proficiency to use the order entry system;
• have reasonable knowledge of and ability to comply with all applicable Requirements26, including order marking as required by Rule 6.2 of UMIR;
• have reasonable arrangements in place to monitor the entry of orders transmitted using DEA or the routing arrangement;
• take all reasonable steps to ensure that the use of automated order system27 by itself or any client, does not interfere with fair and orderly markets; and
• ensure that each automated order system used by itself or any client is tested in accordance with prudent business practices.

These minimum standards are considered necessary by the CSA and IIROC to ensure that the Participant properly manages its risks.  In this manner, the Participant establishes, maintains and applies reasonable standards for DEA and a routing arrangement, including evaluating its risks in providing third-party access.  Each potential DEA client, or investment dealer and foreign dealer equivalent in a routing arrangement, is expected to be vetted independently by the Participant to assess the risks the order flow may present to its business before establishing the standards.  

Adherence to the minimum prescribed standards and any more stringent requirements which may be imposed by the Participant, must, among other things, be included in the terms of a written agreement to be entered into by the Participant with the DEA client, investment dealer or foreign dealer equivalent, as a precondition to the provision of the third-party electronic access.  

The written agreement between the Participant and the client, investment dealer or foreign dealer equivalent must contain a number of provisions, including:

• the ability of the Participant, without prior notice, to:
  • reject any order,
  • vary or correct any order entered on a marketplace to comply with Requirements,
  • cancel any order entered on a marketplace, or
  • discontinue accepting orders

from the client, investment dealer or foreign dealer equivalent;

• a requirement that the client, investment dealer or foreign dealer equivalent immediately inform the Participant if the client fails or expects not to meet the standards set by the Participant; and
• a requirement that the trading activity of client, investment dealer or foreign dealer equivalent will comply with:
  • all Requirements, and
  • with the product limits or credit or other financial limits specified by the Participant.

In the case of an agreement specific to the provision of direct electronic access, a Participant must include a term that it will provide the DEA client with all relevant amendments or changes to applicable Requirements and the standards established by the Participant.  In addition, the DEA agreement must include a term requiring the client to provide the Participant with the names of its personnel that are authorized to enter an order using DEA.

IIROC is permitting Participants a further 180 days following the implementation of the Amendments to replace or amend existing electronic access agreements with clients, investment dealers, and foreign dealer equivalents to comply with the requirements for written DEA and routing agreements. 

2.2.3 Client Trading - Sub-delegation of Third-party Electronic Access

The CSA Access Rule does not permit a DEA client to “sub-delegate” its access and, in turn, provide DEA to its clients except for certain limited circumstances under which certain DEA clients may trade for their client accounts.  The Amendments are consistent with this principle.

In respect of DEA, a client may only trade for the account of another client if the DEA client is registered or exempt from registration as an adviser under securities legislation or is a foreign equivalent to an adviser that is subject to the regulatory jurisdiction of a signatory to IOSCO’s Multilateral Memorandum of Understanding in that foreign jurisdiction28. Control over sub-delegation in this manner is required to mitigate against the risk of providing market access to those who have little or no incentive or obligation to comply with the regulatory requirements or financial, credit or position limits imposed upon them. The terms of the written agreement with a DEA client must prohibit sub-delegation except as permitted for the prescribed types of DEA clients.

In distinction, investment dealers and foreign dealer equivalents in a routing arrangement are by definition trading for the accounts of their clients.  The Amendments require equally, however, for clients, investment dealers or foreign dealer equivalents, that they must agree not to permit any person to transmit an order using direct electronic access or a routing arrangement other than the personnel authorized by the client, investment dealer or foreign dealer equivalent.    

In the case of permitted trading for the accounts of other persons, a DEA client, investment dealer or foreign dealer equivalent must ensure that the orders for the other person flow through the systems of the DEA client, or for routing arrangements through the systems of a Participant or investment dealer or foreign dealer equivalent before being entered on a marketplace.  This allows the DEA client to impose the necessary controls to manage its risks given its knowledge of its client, and allows the Participant in a routing arrangement to monitor the order flow of the investment dealer or foreign dealer equivalent. The DEA client is also mandated as a term of the DEA agreement to ensure that orders for its clients are subject to reasonable risk management and supervisory controls, policies and procedures established and maintained by the DEA client. The Participant is responsible to ensure, in turn, that the DEA client has adequate controls in place to monitor the orders entering the DEA client’s system, in addition to the Participant maintaining its own controls to manage its risks.

2.2.4 Restriction on Order Transmission for DEA and Routing Arrangements

The Participant that is a member, user or subscriber and has granted DEA or entered into a routing arrangement must ensure that no order is transmitted by the client using DEA or by an investment dealer or foreign dealer equivalent under a routing arrangement unless:

• the Participant:
  • maintains and applies the established standards,
  • is satisfied that the client, investment dealer or foreign dealer equivalent meets the established standards, and
  • is satisfied the client, investment dealer or foreign dealer is in compliance with the written agreement entered into; and
• the order is subject to the risk management and supervisory controls, policies and procedures established by the Participant including the automated controls to examine each order before entry on a marketplace pursuant to the UMIR ETR.

The result is that no “naked access” is permitted for a DEA client, investment dealer or foreign dealer equivalent. The UMIR ETR (as the ETR) only permit a Participant to authorize an investment dealer to set or adjust specific risk or supervisory controls, policies and procedures in respect of “client” trading by the investment dealer when the investment dealer “has better access to information relating to the ultimate client”29. Notwithstanding that a Participant may have authorized an investment dealer to set or adjust the specific risk management or supervisory controls, policies or procedures in respect of client orders from that investment dealer, the Participant remains responsible under UMIR in respect of such orders.

2.2.5 Annual Review and Confirmation

The Participant must review and confirm at least annually that the established standards are adequate, maintained and consistently applied and that the written agreement with the prescribed terms has been complied with by the DEA client, investment dealer or foreign dealer equivalent and Participant.  

2.2.6 Notice to Market Regulator and Unique Identifier

The Amendments require a Participant upon entry into a written agreement with a DEA client, investment dealer or foreign dealer equivalent to immediately notify IIROC of the name of the client, investment dealer or foreign dealer equivalent and thereafter any change to this information. 

Under Rule 10.18, a Participant has a “gatekeeper obligation” to immediately notify IIROC if the Participant terminates the client’s DEA access or a routing arrangement, or knows or has reason to believe that the client, investment dealer or foreign dealer equivalent has or may have breached a material provision of any standard established by the Participant or the written agreement for third-party electronic access.

Following the initial notification that a Participant has granted DEA to a client or entered into a routing arrangement, a unique identifier must be assigned to the DEA client, investment dealer (other than a Participant) or foreign dealer equivalent under Rule 10.15 of UMIR.  Pursuant to Rule 6.2 of UMIR, the identifier of the DEA client, investment dealer or foreign dealer equivalent is required to be contained on each order entered on a marketplace through DEA or a routing arrangement.

2.2.7 Trading Supervision Obligations Applicable to Third-party Electronic Access

Policy 7.1 of UMIR addresses aspects of supervision related to third-party electronic access to marketplaces.  Part 9 of Policy 7.1 in particular, supplements the trading supervision requirements in Parts 1, 2, 3, 5, 7 and 8 of Policy 7.1 to specifically set out regulatory expectations related to DEA and routing arrangements regarding:

• the provision of DEA to a Retail Customer;30
• the Participant’s obligations to ensure that any modification to a previously approved automated order system in use by a client, investment dealer or foreign dealer equivalent continues to maintain appropriate safeguards;
• the requirement to monitor orders entered by the client, investment dealer or foreign dealer equivalent to identify any breaches of established standards or the agreement, unauthorized trading, improper sub-delegation of access, or failure to transmit orders through the systems of a DEA client, or Participant, investment dealer or foreign dealer equivalent trading on behalf of other persons;
• the establishment of sufficiently stringent standards by the Participant for each client, investment dealer or foreign dealer equivalent to ensure the Participant is not exposed to undue risk;
• the Participant’s responsibility to properly identify a DEA client and an originating investment dealer or foreign dealer equivalent and to maintain policies and procedures to appropriately mark and identify each order that is ultimately transmitted through DEA or the routing arrangement; and
• the requirement that the Participant monitor orders entered by third-party electronic access to identify any breaches of established standards or agreement. 

2.3 Order Execution Service

2.3.1 Requirements for Trading Through an Order Execution Service (OES)

The Amendments define “order execution service” as a service that meets the requirements, from time to time, under Dealer Member Rule 3200 governing suitability relief for trades not recommended by a Dealer Member, commonly known as “discount brokerage”. The definition is adopted in UMIR to reflect the reference to OES in UMIR 6.1 as a form of third-party electronic access which is part of a “closed system”. Currently, OES may be offered by Participants directly to clients or by non-Participant investment dealers that transmit their OES order flow to a Participant for execution on a marketplace. 

The use of OES may present similar market integrity risks as DEA or routing arrangements when automated order systems that are not provided as part of the order execution service are used by clients to transmit orders, or when a large number of orders are transmitted through an OES. Changes to the Dealer Member Rules related to OES are included in the Amendments and have been integrated into the framework for regulation of third-party electronic access to marketplaces in order to address these risks. 

Dealer Member Rule 3200 now clarifies the limitations on the manner of conducting trading activity through OES, so as to preclude provision of DEA through an OES. In particular, Dealer Member Rule 3200 imposes an obligation on a Dealer Member providing an OES to prohibit an OES client from:

• using its own automated order system to transmit or generate orders for transmission to the dealer providing the OES; or
• manually sending or generating orders to the Dealer Member that exceed the threshold on the number of orders as set by IIROC from time to time.

IIIROC is not setting a threshold on the number of orders for OES at this time; however, IIROC has reserved the authority to do so in the event order volumes associated with OES may pose risks to market integrity. Nonetheless, IIROC would expect that firms offering an OES would impose thresholds for client trading so that the dealer is not exposed to undue risk and the risk to market integrity is mitigated.

The following diagram illustrates the client and dealer relationships with respect to OES, with the changes adopted to Dealer Member Rule 3200:

2.4 Additional Amendments

2.4.1 Amendments Impacting Marketplaces

The Amendments include obligations on marketplaces. Under Rule 6.1, a marketplace cannot allow an order to be entered on the marketplace unless the order had been:

• entered by or transmitted through a Participant that is a member, user or subscriber of that marketplace or an Access Person with access to trading on that marketplace and the order contains the unique identifier of the Participant or Access Person assigned to it by the Market Regulator; or
• generated automatically by the marketplace for a person with Marketplace Trading Obligations to meet their obligations.

New Rule 10.18 of UMIR imposes a “gatekeeper obligation” on marketplaces.  A marketplace will be required to report to IIROC if the marketplace:

• terminates the access of a Participant or Access Person; or
• knows or has reason to believe that the Participant or Access Person has or may have breached a material provision of a Marketplace Rule or access agreement.

2.4.2 Amendments Impacting Participants

Under Rule 6.1, a Participant cannot allow an order to be entered on a marketplace containing the identifier of the Participant unless the order has been:

• received, processed and entered by an employee of the Participant; or
• entered on or transmitted to a marketplace through:
  • direct electronic access,
  • a routing arrangement, or
  • an order execution service.

This Amendment confirms that access by a Participant to a marketplace is a “closed system” and that each means of having an order entered on, or transmitted to, a marketplace by or on behalf of the Participant must be subject to appropriate regulatory oversight.

2.4.3 Amendments Impacting Access Persons

Under Rule 6.1, an Access Person cannot allow an order to be entered on a marketplace containing the identifier of the Access Person unless the order is:

• for the account of the Access Person; or
• entered by an Access Person who is registered or exempted from registration as an adviser in accordance with applicable securities legislation and the order is for or on behalf of a client of the Access Person acting in the capacity of adviser for that client.

This Amendment confirms that access by an Access Person to a marketplace is part of a “closed system” and that the Access Person cannot delegate the access to a marketplace or conduct business similar to a dealer.

3. Changes from the Proposed Amendments and Proposed Guidance

The Amendments as approved vary from the Proposed Amendments in a number of areas. To address comments received in response to specific questions raised in the request for comments:

• the proposed prohibition on Institutional Customers having OES accounts has been removed (thus, the Amendments do not prevent Dealer Members from offering OES accounts to Institutional Customers);
• the definition of “Participant” in UMIR has not been expanded, as it was determined that extending this definition for anti-avoidance purposes was not required because UMIR ETR and the Amendments clearly prohibit a Participant from providing “naked access”;
• a structural change was made to eliminate duplicative rule requirements such that the Rules and Policy relating to DEA and routing arrangements have been combined into Rule 7.13 and Part 9 of Policy 7.1; and the monitoring requirements related to the use of automated order systems in OES accounts have been removed.

To address comments requesting consistency between IIROC rules and the CSA Access Rule, the Amendments:

• conform with changes in the CSA Access Rule referencing DEA clients that are “registered or exempt from registration as an adviser” in place of clients “registered as a portfolio manager or restricted portfolio manager”;
• conform with a change to the CSA Access Rule referencing the prohibition on granting DEA to a “client acting and registered as a dealer in accordance with securities legislation”, rather than the previous prohibition in respect of a “registrant other than a portfolio manager or restricted portfolio manager”;
• conform with the CSA Access Rule by adding a requirement in the agreement for co-operation with the Participant by the client, investment dealer or foreign dealer equivalent in connection with any investigation or proceeding by any marketplace or the Market Regulator with respect to trading conducted pursuant to direct electronic access or a routing arrangement;
• conform with the CSA Access Rule and qualify the requirement for a term in the agreement to permit the variation or correction of orders by the Participant granting access, by the phrase “to comply with Requirements” to account for circumstances when such action may be necessary to comply with regulatory requirements such as the Order Protection Rule or instruction of a Market Integrity Official under UMIR31; and
• change the notification requirement respecting names of authorized personnel of a DEA client to conform with the CSA Access Rule, so that the names are to be provided by the DEA client to the Participant, rather than to the Market Regulator.

To provide clarity and ensure consistency within UMIR, the Amendments:

• amend the definition of “routing arrangement” to conform with wording in the UMIR DEA definition by eliminating reference to “direct or indirect access by a Participant to a foreign organized regulated market”, thereby alleviating any unintended extension of jurisdiction; and
• add a provision to Part 9 of Policy 7.1 to clarify that, similar to a routing arrangement, the Participant has an obligation to maintain policies and procedures to assure that orders routed by a DEA client to the executing Participant containing the Participant’s identifier are marked with all identifiers and designations relevant to the order as required under Rule 6.2 of UMIR on the entry of the order to a marketplace.

To ensure consistency between Dealer Member Rule 1300 and Dealer Member Rule 3200, editorial modifications have been made. A blackline identifying all of the Dealer Member Rule Amendments is provided at Appendix “D”.

The guidance respecting third-party electronic access to marketplaces (“Guidance”)32 varies from the Proposed Guidance by the addition of clarifications in response to questions received from industry representatives during the comment period. These changes are reflected in the Guidance which confirms that:

• “naked access” is not permitted;
• DEA and routing arrangement requirements do not apply to client order flow that is intermediated by a Participant’s algorithm; and
• a foreign dealer equivalent that is also registered as an exempt market dealer is permitted to use electronic access, but is not eligible to use electronic access when acting in its capacity as an exempt market dealer for Canadian clients.
• Editorial changes were also made to the Proposed Guidance to conform with changes that have been made to the Proposed Amendments. A blackline of the Guidance, identifying revisions made to the Proposed Guidance, is provided at the back of Appendix “C”.

4. Summary of the Impact of the Amendments

4.1 General Requirements Related to Third-Party Access to Marketplaces

The following is a summary of the most significant impacts of the adoption of the Amendments.  In particular:

• Participants who provide direct electronic access or a routing arrangement must:
  • establish standards to manage the attendant risks,
  • enter into written agreements with each client, investment dealer or foreign dealer equivalent to which the Participant will provide access,
  • ensure that orders contain the identifier of the client, investment dealer or foreign dealer equivalent,
  • establish and apply appropriate supervisory and compliance procedures for orders entered under direct electronic access or a routing arrangement,
  • at least annually review the standards and compliance of each client, investment dealer or foreign dealer equivalent with the standards and written agreement, and
  • establish procedures for reporting to IIROC non-compliance by a client, investment dealer or foreign dealer equivalent with the standards or written agreement, and any termination of the access arrangement; and
• marketplaces will have to review their policies and procedures to ensure that:
  • orders entered on the marketplace are from a Participant that is a member, user or subscriber of that marketplace or an Access Person with access to trading on that marketplace, and
  • the marketplace reports to IIROC any termination of access of a Participant or Access Person to the marketplace, potential material breach of any Marketplace Rule or agreement pursuant to which access was granted to a marketplace.

4.2 Significant Changes to Existing Regulatory Requirements

While the Amendments and the CSA Access Rule introduce a new and more comprehensive framework for third-party electronic access to marketplaces, many of the components of these requirements build on:  existing marketplace requirements for direct market access; regulatory requirements and guidance on trade supervision and compliance; and established industry practices. As such, many of the Amendments either formalize or clarify existing requirements or practices. There are, however, a number of changes to the existing regulatory requirements with respect to third-party electronic access to marketplaces. 

4.2.1 Direct Electronic Access

Unlike the current marketplace rules and contractual provisions for “direct market access”, the Amendments and the CSA Access Rule:

• eliminate the concept of an “eligible client list” and provide that DEA may be provided to clients (provided that DEA may not be granted to a client acting and registered as a dealer under applicable securities legislation);
• require the Participant to establish standards and review the standards annually;
• eliminate the requirement for pre-approval of the systems of the Participant or the form of the agreement to be executed with each client provided DEA;
• require the Participant to annually review compliance by each client with the standards and the written agreement;
• provide for a gatekeeper obligation for reporting to IIROC non-compliance with the standard and written agreement; and
• limit the sub-delegation of access by a client.

With the repeal of marketplace direct market access rules and the elimination of the concept of an “eligible client list”, a Participant will be able to offer DEA to a broader range of clients but the Participant must ensure that DEA is suitable for the client. A Participant is exempt from “suitability” requirements for orders entered through DEA by a client but the Participant is unable to provide recommendations to a client with DEA.

4.2.2 Routing Arrangements

Historically, Participants and investment dealers have had a number of “introducing broker-carrying broker” arrangements.  The Amendments address only those relationships in which the Participant provides third-party electronic access to marketplaces without the order flow being intermediated by an employee of the Participant. While National Instrument 31-103 sets out broad requirements for a firm to establish, maintain and apply policies and procedures that establish a system of controls and supervision to “manage the risks associated with its business in accordance with prudent business practices”, the Amendments require that the standards established by the Participant address a number of specific factors including that the investment dealer or foreign dealer equivalent has reasonable knowledge of and the ability to comply with all Requirements, including the marking of each order with the designation and identifiers required by Rule 6.2.  With the adoption of the Amendments, a unique identifier of the introducing broker or foreign dealer equivalent will have to be included on each order.  The standards established by the Participant would also require the introducing broker to “take all reasonable steps” to ensure that its or its clients’ use of an automated order system does not interfere with fair and orderly markets and that each automated order system used by itself or its clients is tested before the initial use or introduction of a significant modification and at least annually thereafter.

4.2.3 Order Execution Services

For Participants and other investment dealers that provide OES, the Amendments prohibit an OES client from using its own automated order system to generate orders. The Participant or investment dealer can, however, continue to provide automated order systems to its OES clients. The Amendments also restrict “high order volume” clients (clients whose trading activity exceeds a threshold set by IIROC) from using OES accounts. IIROC has not set a threshold; therefore there is no immediate impact in this respect on Participants and other investment dealers that provide OES.

4.3 Order Flow to Marketplaces

The following diagram summarizes the order flow to marketplaces further to the adoption of the Amendments. The diagram confirms that:

• the only means to access a marketplace for the purpose of trading a listed or quoted security is:
  • as an Access Person as a subscriber to an ATS, or
  • by or through a Participant as a member of an Exchange or subscriber to an ATS; and
• unless a client order is intermediated, the only third-party access that a Participant can provide will be governed by one of three options:
  • order execution service,
  • direct electronic access, or
  • routing arrangement.

5. Technological Implications

The technological implications and any associated costs related to the Amendments on Participants, Access Persons, investment dealers and marketplaces are expected to be commensurate with the degree of sophistication of trading and type of third-party electronic access to marketplaces sought to be provided.  To the extent that the forms of access to marketplaces which are covered by the Amendments currently exist, IIROC does not expect that significant additional technological implications would be imposed on industry participants at this time by the introduction of the more formal framework to govern electronic access to marketplaces.  Industry has already been expected to adopt the necessary technology for third-party electronic access as set out in previous IIROC guidance and pursuant to the marketplace rules and policies related to direct access to marketplaces in order to mitigate risk and preserve market integrity as well as in accordance with the UMIR ETR.

The Amendments introduce requirements that an order from a client with DEA or an investment dealer or foreign dealer equivalent under a routing arrangement contain the unique identifier assigned by IIROC to such client, investment dealer or foreign dealer equivalent. At this time, IIROC is continuing the practice that is currently used for the identification of orders from clients with DMA such that unique identifiers will be included in the “User ID” field (as designated by the marketplace on which the order is entered) for DEA clients, and for investment dealers and foreign dealers under routing arrangements. Some changes may be required to the systems of Participants to ensure that the appropriate identifier is added in this field when orders are entered by a client through DEA or received from an investment dealer or foreign dealer equivalent under a routing arrangement. This is particularly true in the case of investment dealers that are not Participants as this third-party order flow is not currently being identified in this manner by executing Participants. The introduction of the identifier requirements also may have a technological impact on the systems of marketplaces and service providers. 

IIROC acknowledges the forgoing technological implications; however, IIROC is of the view that they are proportionate to the benefits provided to the market as a whole given the policy objectives of the Amendments to protect market integrity, mitigate dealer and systemic risks and increase the confidence of investors.

6. Implementation Plan

The Amendments have been approved by the Recognizing Regulators as of the date of this Rules Notice. Implementation of the Amendments has been deferred and they will become effective on March 1, 2014.

The Amendments require Participants to enter into written agreements with clients who have been provided direct electronic access and with investment dealers or foreign dealer equivalents under a routing arrangement. As a transitional matter, IIROC will permit Participants a further 180 days following the implementation of the Amendments to replace or amend any existing access agreements with clients, investment dealers or foreign dealer equivalent to comply with the requirements regarding written agreements introduced by the Amendments.

Appendices

Appendix A — Text of UMIR Amendments

Appendix B — Text of Dealer Member Rule Amendments

Appendix C — Comments Received in Response to Rules Notice 12-0315 - Rules Notice – Request for Comments – UMIR - Proposed Provisions Respecting Third-Party Electronic Access to Marketplaces (October 25, 2012)

Appendix D — Text of Dealer Member Rules with blacklined Amendments

• 6For example TSX Rule Book Part 2 – Access to Trading, Division 5 – Connection of Eligible Clients of Participating Organizations, Rules 2-501, 2-502 and 2-503. Notably, IIROC Trading Conduct Compliance has engaged in direct market access reviews in part on behalf of TSX, to which the results are provided.
• 7See Market Integrity Notice 2007-009– Request for Comments – Provisions Respecting Access to Marketplaces (April 20, 2007).
• 8IIROC expects that marketplaces will be adapting their existing direct access rules and policies given the CSA Access Rule and Amendments, including removal of the concept of “eligible client” from marketplace rules, so that Participating Organizations, Members and Subscribers will not restrict their client base and to remove duplicative requirements, such as prescribed provisions in written agreements between a Participant and a client.
• 9See Securities and Exchange Commission (SEC) Rule 15c3-5 Risk Management Controls for Brokers or Dealers with Market Access published in November, 2010, which effectively prohibits broker-dealers from providing unfiltered access to any marketplace; European Commission Proposal for a Directive of the European Parliament and of the Council, COM(2011) 656 final at here; the Australian Securities and Investments Commission (ASIC) Consultation Paper 184: Australian market structure - Draft market integrity rules and guidance on automated trading, at here and Regulatory Guide 241 Electronic trading (November, 2012); and European Securities and Markets Authority (ESMA) Guidelines - Systems and controls in an automated trading environment for trading platforms, investment firms and competent authorities, published February 24, 2012 at here.
• 10See here.  For the purposes of the IOSCO DEA Report, “direct electronic access” or “DEA” was defined as  following three major pathways:  (i) an arrangement where an intermediary, who is a market-member, permits its customers to transmit orders electronically routing through an intermediary’s infrastructure, and the order is in turn automatically transmitted for execution to a market-maker under the intermediary’s market-maker ID (“automated order routing”); (ii) an arrangement where an intermediary, who is a market-member, may permit its customers to use its member ID to transmit orders for execution directly to the market without using the intermediary’s infrastructure (“sponsored access”); and (iii) a person, who is not registered as an intermediary, such as a hedge fund or proprietary trading group, becomes a market-member, and in that capacity, in the same way as members that are registered intermediaries, connects directly to the market's trade matching system using its own infrastructure and member ID (“direct access”).  
• 11See (2012) 35 OSCB 8599.
• 12See IIROC Notice 12-0363 – Rules Notice – Notice of Approval – UMIR – Provisions Respecting Electronic Trading and related guidance IIROC Notice 12-0364 – Rules Notice – Guidance Note - UMIR – Guidance Respecting Electronic Trading (December 7, 2012).
• 13Market Integrity Notice 2005-006 – Guidance - Obligations of an “Access Person” and Supervision of Persons with “Direct Access” (March 4, 2005).
• 14Market Integrity Notice 2007-010 – Guidance - Compliance Requirements for Dealer Sponsored Access (April 20, 2007); Market Integrity Notice 2007-011 –  Guidance - Compliance Requirements for Order Execution Services (April 20, 2007); Market Integrity Notice 2008-003 – Guidance – Supervision of Algorithmic Trading (January 18, 2008); and IIROC Notice 09-0081– Rules Notice – Guidance Note – Specific Questions Related to Supervision of Algorithmic Trading (March 20, 2009).
• 15Previously, order execution services were regulated under Policy 4 and Policy 9 of the former Investment Dealers Association.  Currently, DMR 3200 governs how Dealer Members qualify for suitability relief to provide order execution services.  DMR 3200 refers to retail account supervision requirements outlined in DMR 2500, other than suitability.  In addition, DMR 2700 currently governs Institutional Customer account opening, operation and supervision.  Any account other than an Institutional Customer account governed by DMR 2700 is governed by DMR 2500.
• 16IIROC Notice 11-0232 – Enforcement Notice – Decision - In the Matter of Morgan Stanley Canada Limited - Settlement (August 3, 2011) and IIROC Notice 11-0045 - Enforcement Notice – Decision - In the Matter of Credit Suisse Securities(Canada) Inc. - Settlement (February 2, 2011).
• 17See subsection 4.2(2) of NI 23-103 which does not permit the provision of DEA to a dealer.
• 18See s. 4.1 of NI 23-103. IIROC is not the regulation services provider to all marketplaces in Canada, such as the Montreal Exchange. The CSA Access Rule would apply to a member of a recognized exchange that directly monitors the conduct of its members and enforces requirements set under subsection 7.1(1) of NI 23-101 but has not established similar requirements.
• 19The CSA expressed the view in the Companion Policy to NI 23-103 that: “… in general, retail investors should not be using DEA and should be sending orders using order execution services.  However, there are some circumstances in which individuals are sophisticated and have access to the necessary technology to use DEA (for example, former registered traders or floor brokers).  In these circumstances, we expect that the participant dealer chooses to offer DEA to an individual, the participant dealer will set standards high enough to ensure that the participant dealer is not exposed to undue risk.  It may be appropriate for these standards to be higher than those set for institutional investors.  All requirements relating to risk management and supervisory controls, policies and procedures would apply when granting DEA to an individual.”
• 20“Investment Dealer” is defined in National Instrument 31-103 – Registration Requirements, Exemptions and Ongoing Registrant Obligations.
• 21UMIR 1.1 defines a “foreign dealer equivalent” as a person in the business of trading securities in a foreign jurisdiction in a manner analogous to an investment dealer and that is subject to the regulatory jurisdiction of a signatory to the International Organization of Securities Commissions’ Multilateral Memorandum of Understanding in that foreign jurisdiction.
• 22See Dealer Member Rule Amendments in Appendix “B” to this Rules Notice. The Proposed Amendments had intended to restrict order execution services provided pursuant to Dealer Member Rule 3200 to Retail Customers and require a Participant offering order execution services to review, on an on-going basis, whether the account was appropriate to use such service and, on an annual basis, that the account is not using a third-party automated order system.  Those proposals have not been brought forward with the Amendments.  New amendments to the Dealer Member Rules may be proposed as part of a separate request for comments.
• 23Dealer Member Rule 1 defines “Institutional Customer” as:
  1.  An Acceptable Counterparty (as defined in Form 1);
  2. An Acceptable Institution (as defined in Form 1);
  3. A Regulated Entity (as defined in Form 1);
  4. A Registrant (other than an individual registrant) under securities legislation; or
  5. A non-individual with total securities under administration or management exceeding $10 million.
• 24In the case of a routing arrangement between Participants, any order entered on a marketplace by a Participant on behalf of the other Participant is defined as a “jitney order” under Rule 1.1 of UMIR and must be marked accordingly. Rule 6.2(1)(a) mandates that each jitney order entered on a marketplace shall contain the identifier of the Participant for or on behalf of whom the order is entered, and Rule 6.2(1)(b)(xii) requires that each jitney order entered on a marketplace contain the jitney designation.
• 25Currently, those investment dealers that are not a member, user or subscriber are not subject to UMIR except to the extent that a related entity to a Participant is party to the routing arrangement.  Rule 10.4 provides that a related entity of a Participant and a director, officer, partner or employee of the Participant or a related entity of the Participant shall:  (a) comply with the provisions of UMIR and any Policies with respect to just and equitable principles of trade, manipulative and deceptive activities, short sales and frontrunning as if references to “Participant” in Rules 2.1, 2.2, 2.3, 3.1 and 4.1 included reference to such person; and (b) in respect of the failure to comply with the provisions of UMIR and the Policies referred to in clause (a), be subject to the practice and procedures and to penalties and remedies set out in this Part.
• 26“Requirements” are defined collectively in UMIR 1.1 as:  (a) UMIR; (b) the Policies; (c) the Trading Rules; (d) the Marketplace Rules; (e) any direction, order or decision of the Market Regulator or a Market Integrity Official; and (f) securities legislation, as amended, supplemented and in effect from time to time.
• 27See ETR which defines the term “automated order system” as “a system used to automatically generate or electronically transmit orders that are made on a pre-determined basis”.
• 28As a result of this restriction, a foreign dealer equivalent may be a DEA client in respect of its own proprietary trading.  A foreign dealer equivalent that enters orders electronically directly on a marketplace for any other person would have to do so through a routing arrangement. Foreign registrants that are acting on behalf of clients but are not the equivalent of an investment dealer or adviser would not be entitled to obtain third-party electronic access to marketplaces but would have to use intermediated access through a Participant in respect of their client order flow.
• 29See IIROC Notice 12-0364 - Provisions Respecting Electronic Trading, op. cit., with reference to Rule 7.1(7),(8).
• 30See previous discussion at section 2.2.1 - Arrangements for Access between Participants and Clients, Investment Dealers and Foreign Dealer Equivalents.
• 31Please refer to UMIR 10.9 respecting the power of a Market Integrity Official.
• 32IIROC Notice 13-0185 - Rules Notice – Guidance Note – UMIR – Guidance Respecting Third-Party Electronic Access to Marketplaces (July 4, 2013).