1. Background

The Amendments align UMIR with the requirements set out in the ETR, and introduce new provisions detailing the responsibilities of Participants and Access Persons with respect to the supervision of electronic trading.

The ETR provides a comprehensive framework designed to address areas of concern and risks brought about by electronic trading.  Such risks include those relating to liability, credit, market integrity, sub-delegation, technology or systems and regulatory arbitrage. 

1. Trading Supervision Obligations

2. Risk Management and Supervisory Controls, Policies and Procedures

Rule 7.1 of UMIR establishes trading supervision obligations which Participants must follow including the establishment of written policies and procedures to ensure compliance with UMIR.  Part 1 of Policy 7.1 currently provides that a Participant has an obligation to supervise orders which are entered on a marketplace:

• by traders employed by the Participant;
• by an employee of the Participant through an order routing system;
• directly by a client and routed to a marketplace through the trading system of a Participant; or
• by any other means.

A Participant retains the responsibility for any order entered on a marketplace under the unique identifier assigned to that Participant in accordance with Rule 10.15 of UMIR, regardless of whether that order originates from a client being provided marketplace access.  IIROC expects that a Participant will have adequate supervisions policies and procedures and compliance testing which address the additional risk exposure brought about by the provision of marketplace access to a client.

Supervisory and compliance monitoring procedures should be designed to detect and prevent account activity that is or may be in violation of Requirements, which include applicable securities legislation, requirements of any self-regulatory organization applicable to the account activity, and the rules and policies of any marketplace on which the account activity takes place.  These procedures should include both the monitoring of trading activity as provided under Part 5 of Policy 7.1, and post-order entry compliance as provided by Part 1 of Policy 7.1.

In keeping with the requirements applicable to marketplace participants under the ETR, the Amendments require that a Participant or Access Person adopt, document and maintain a system of risk management and supervisory controls, policies and procedures designed to ensure the management of the financial, regulatory and other risks associated with:

• access to one or more marketplaces; and
• if applicable, the use by the Participant, Access Person or any client of an automated order system

Part 7 of Policy 7.1 provides further specificity, and requires the risk management and supervisory controls, policies and procedures employed by a Participant or Access Person to include:

• automated controls to examine each order before entry on a marketplace to prevent the entry of an order which would result in:
  • the Participant or Access Person exceeding pre-determined credit or capital thresholds,
  • a client of the Participant exceeding pre-determined credit or other limits assigned by the Participant to that client, or
  • the Participant, Access Person or client of the Participant exceeding pre-determined limits on the value or volume of unexecuted orders for a particular security or class of securities;
• provisions to prevent the entry of an order that is not in compliance with Requirements;
• making available immediate order and trade information to compliance staff of the Participant or Access Person; and
• regular post-trade monitoring for compliance with Requirements.

The automated pre-trade controls are required to not only examine each order before it is entered on a marketplace, but should also be designed to monitor orders of the Participant, Access Person or any client which have been entered, but have not been executed. The documentation of the risk management and supervisory controls, policies and procedures should be in written form and should include a description and function of the automated controls.  It is important to note that while pre-trade controls need to establish limits on individual clients, they must also be able to set thresholds for the overall position of the Participant with respect to:

• its capital thresholds; and
• its pre-determined limits on the value or volume of unexecuted orders for a particular security or class of securities.

A Participant’s post-order entry monitoring for compliance should adequately account for situations where a client is provided access to a marketplace.  Given the limited involvement of staff of the Participant in the entry of orders by clients with such access, it may be appropriate for the Participant to sample, for compliance testing, a higher percentage of orders that have been entered directly by clients than the percentage of orders sampled in other circumstances.

At a minimum, the post-order entry compliance procedures for clients who have been provided access to a marketplace should address the procedures for testing:

• orders that have been entered for order markers as required by Rule 6.2 of UMIR, and in particular;
  • the short sale marker if the trading system of the Participant does not automatically code as “short” any sale of a security not held at the time of order entry in the account of the client other than a client required to use the “short-marking exempt” designation, and
  • the insider or significant shareholder order markers
• orders that have been entered which may constitute “spoofing” contrary to Rule 2.2 of UMIR (the entry of an order or orders which are not intended to be executed for the purpose of determining the depth of the market, checking for the presence of an iceberg order, affecting an opening price or other similar purpose);
• orders that have been entered on a marketplace and trades that have executed which potentially create an artificial price contrary to Rule 2.2 of UMIR;
• trades for “wash trading” (in circumstances where the client has more than one account with the Participant); and
• trades for failure in settlement.

1. Use of Third Party Services for Risk Management and Supervisory Controls, Policies and Procedures

Subsection (7) of Rule 7.1 allows the use of third party services that provide risk management and supervisory controls, policies and procedures.  This third party must be independent of each client of a Participant, other than affiliates of the Participant.  If a Participant chooses to “outsource” or retain the services of a third party, this must be subject to a written agreement which precludes the third party from providing any other person control over any aspect of the risk management and supervisory control, policies and procedures.  The Participant must have direct and exclusive control over the setting and adjusting of its supervisory and risk management controls.

If the Participant uses a third party to provide the supervisory controls, policies and procedures, the Participant or an authorized investment dealer must be the only persons that may set or adjust the controls even though the setting or adjustment will be effected by the third party provider. 

1. Authorizations to Set Risk Management and Supervisory Controls, Policies and Procedures to an Investment Dealer

Rule 7.1 allows a Participant, on a reasonable basis, to authorize an investment dealer to perform on its behalf the setting or adjustment of a specific risk management or supervisory control, policy or procedure.3  Such an authorization would require a written agreement as provided by subsection (8) of Rule 7.1.

The policy rationale for permitting a Participant to authorize an investment dealer to perform on its behalf a supervisory and risk management control, policy or procedure is the recognition that situations exist where a participant dealer may determine that another investment dealer has a relationship with the ultimate client such that the investment dealer, having better access to information relating to the ultimate client, would be in a position to more effectively set or adjust the control, policy or procedure.  As such, an authorization with respect to accounts is only permitted if the investment dealer is in fact trading for an ultimate client (other than an affiliate of the Participant).  The Amendments make it clear that, if there is no ultimate client (other than an affiliate of the Participant) and the trading is being made on a proprietary basis, no authorization may be made.  Authorizations with respect to proprietary accounts would be permitted only if the authorization is being made to an investment dealer that is a Participant for the purposes of UMIR.

It is expected that a Participant in an authorization arrangement would regularly assess the adequacy of the authorization arrangement with the investment dealer with respect to the provisions of the written agreement, and that this assessment would be done at least annually on the anniversary date of the written agreement.

Any authorization of control would not relieve a Participant of its responsibilities under Rule 7.1 to adopt, document and maintain a system of risk management controls and supervisory policies and procedures reasonably designed, in accordance with prudent business practices, to ensure the management of its financial, regulatory and other risks.

1. Provisions Applicable to the Use of Automated Order Systems

Previous IIROC guidance has been clear that as part of its on-going supervision requirements, a Participant must be aware of the origin of the orders entered not only by its own staff, but by any client.4  This requirement includes situations when a client which has been provided access to a marketplace is using an automated order system.

Automated order systems provide a Participant or a client of a Participant, the ability to enter high volumes of orders on one or more marketplaces in a short period of time, and can potentially disrupt the operation of a fair and orderly market if they malfunction.  As such, IIROC expects a Participant to have effective risk management and supervisory controls, policies and procedures in place to prevent and detect potential violations of UMIR and applicable securities requirements, as well as to prevent the entry and execution of unreasonable or erroneous orders and trades on a marketplace.

As set out in Part 8 of Policy 7.1, each Participant and Access Person is required to have an appropriate level of knowledge and understanding of any automated order system used by the Participant or Access Person, or any client.  IIROC would view an appropriate level of knowledge to be that which is sufficient for the Participant or Access Person to identify and manage the risk associated with the operation of the automated order system.

Additionally, Part 8 of Policy 7.1 requires that every automated order system is tested initially before use, and at least annually thereafter.  Testing should consider how the automated order systems would function assuming various market conditions and a written record must be maintained to demonstrate such testing.  IIROC expects that testing would also occur following any material modification or change to an automated order system.

IIROC is of the view that, if a Participant is using an automated order system provided by a third party provider (that is not the client or an affiliate of the client that intends to use the automated order system), the Participant may rely on representations from the service provider for those aspects of the automated order system that the Participant cannot reasonably test independently.  This is not to say that a Participant is not obligated to ensure that the automated order system has been appropriately tested, and as part of its supervisory policies and procedures, IIROC expects a Participant to maintain written records documenting the testing undertaken by itself, or by any third party service provider.  Notwithstanding that a Participant may rely on representations from the provider of the automated order system for certain aspects of the testing of the trading system, the Participant continues to be responsible for any offending order entered on or trade executed on a marketplace resulting from the improper operation of the automated order system.  As such, IIROC expects that each Participant or Access Person will have the ability to immediately override or disable any automated order system and thus prevent any orders being generated from reaching a marketplace.

When establishing the automated parameters for monitoring order flow on a pre-order entry basis, a Participant should consider the type of strategy being employed by any automated order system.  More specifically the Participant must give consideration to the potential market impact of defining such parameters inappropriately and, at the minimum, the parameters should be set to prevent an order exceeding:

• the marketplace thresholds applicable to the marketplace on which the order is intended to be entered to the extent that such marketplace thresholds are publicly disclosed and readily ascertainable; and
• the limits publicly disclosed by IIROC for the exercise of the power of a Market Integrity Official under Rule 10.9 of UMIR.

A smart order router is included in the definition of an automated order system.  ETR and UMIR require automated controls to evaluate orders “before entry on a marketplace”.  As such, orders must “pass through” filters that are under the control of the Participant or Access Person entering the order.  If orders do not pass through the filters controlled by the Participant, the automated controls would have to be at the level of the smart order router.  IIROC recognizes that current smart order routers in use in Canada generally do not have that capacity.  Without this capacity, orders from a client could not be entered directly to a smart order router without passing through the automated controls that have been set by the Participant.

1. Questions and Answers

The following is a list of questions regarding the obligations of a Participant or Access Person under UMIR with respect to various supervision and compliance considerations related to electronic trading:

1. Is there an obligation to monitor orders on a real-time basis?
   
   Yes.  As set out in Part 7 of Policy 7.1, a Participant or Access Person must have automated controls to examine each order before entry on a marketplace to ensure that the order does not exceed certain parameters which are part of the risk management and supervisory controls, policies and procedures employed by the Participant or Access Person.  These parameters include credit or capital thresholds and volume or value limits.  Additionally, the Participant or Access Person is required to prevent the entry of orders which are not in compliance with Requirements including applicable securities legislation, requirements of any self-regulatory organization applicable to the account activity and the rules and policies of any marketplace on which the account activity takes place.
2. Can a Participant rely on the risk management and supervisory controls, policies and procedures of a client?
   
   No.  Although some clients may have very sophisticated systems already in place to manage risks, it is not appropriate for a Participant to rely on the systems of a client to manage the Participant’s own risks.  A Participant must ensure that the risk management and supervisory controls, policies and procedures are sufficient to manage the risks of its own business, and the systems of a client would not necessarily be aligned with the risk management requirements of the Participant. 
   
   A Participant is permitted to use the service of a third party that provides such controls, provided that the third party is independent of each client of a Participant other than affiliates of the Participant.
3. Should a Participant establish different pre-order entry controls for different types of business?
   
   Yes.  A Participant should adapt their automated controls to the type of business in which they are engaged.  A Participant offering marketplace access to clients would need to establish appropriate credit limits for each client.  Participants offering certain types of intermediated services would need to establish appropriate capital limits for each trader.  Participants should not be relying on a “one-size-fits-all” policy.
   
   All orders must be subject to automated pre-trade controls.  The particular automated controls to which any order is subjected will depend on the type of business and how the order has been handled by the Participant.  Orders that are received electronically by a Participant and entered on a marketplace by the Participant electronically without intermediation by a registered employee will be subject to automated pre-entry controls which reflect that fact.  Nonetheless, if orders are intermediated, there must be automated pre-entry controls that are appropriate to the orders being entered by that trader.  For example, among the appropriate automated pre-entry controls would be “fat finger” checks and value limits applicable to the trader.
   
   A Participant is not required to undertake one aggregate client risk calculation across different electronic access channels or asset classes.  A Participant may establish a separate limit to be determined for each channel or asset class.  Participants are able to continue to assess the aggregate client risk on a post-trade basis. 
   
   A Participant may establish capital limits for each trader, including a separate limit to be determined for each channel or asset class.  Participants are able to continue to assess aggregate market risk on a post-trade basis.
4. Is there a requirement to do “post-order entry” compliance testing on a real-time basis?
   
   Not necessarily.  However, it is possible that certain types of order flow would require greater monitoring, and a Participant should examine the nature of its trading activities to determine what if any real-time compliance monitoring is required.
5. Would a Participant be expected to obtain the proprietary code for automated order systems employed by a client?
   
   No.  IIROC recognizes that certain information about automated order systems would be considered sensitive and proprietary property of the client.  However, it is expected that a Participant would obtain enough information about an automated order system to be able to make an adequate assessment of the risk associated with its use, and subsequently manage those risks through an appropriate system of risk management and supervisory controls, policies and procedures.  Notwithstanding a Participant’s reliance on representations by a client, the Participant continues to be responsible for all orders entered on a marketplace by an automated order system including under circumstances that commonly would be referred to as a “runaway algo”.  The responsibility of the Participant would apply even in instances in which the cause of the malfunction was attributed to an aspect of the automated order system’s operation that was not available to be independently tested by the Participant.
6. Is a Participant itself expected to test any automated order system employed by a client?
   
   It depends.  A Participant must ensure that any automated order system used by the Participant or a client is tested in accordance with prudent business practices initially prior to use and at least annually thereafter.  A Participant must be satisfied that appropriate testing of a client’s automated order system has been performed and written documentation must be maintained to demonstrate that such testing has taken place and is deemed satisfactory.  In certain cases, the Participant would be expected to undertake or participate in the testing of an automated order system developed by a client if that client does not have a demonstrated history of developing and operating automated order systems.
7. Which aspects of the risk management and supervisory controls, policies and procedures can a Participant authorize an investment dealer to set or adjust?
   
   The ability of a Participant to authorize an investment dealer to perform on behalf of the Participant the setting or adjustment of a specific risk management and supervisory control, policy or procedure is designed to accommodate situations where an investment dealer would have better knowledge of the ultimate client, and thus would be in a better position to set or adjust that control.  Any authorization should be made based on such an assessment, and is not intended to allow a Participant to offload its responsibilities.  A Participant is ultimately responsible for all orders entered under its unique identifier, and thus needs to thoroughly review any authorization arrangements to ensure that they are able to satisfy their trading supervision obligations outlined in both Rule 7.1 and Policy 7.1.  A Participant is not able to authorize an investment dealer to set or adjust controls, policies or procedures over proprietary accounts of an investment dealer unless that dealer is a Participant for the purposes of UMIR.

An authorization in respect of a specific risk management and supervisory control, policy or procedure may not be made to an investment dealer for proprietary accounts unless that investment dealer is a Participant for the purposes of UMIR.

1. Impact on Existing Guidance

This Rules Notice repeals and replaces earlier guidance on supervision and compliance matters related to electronic trading.  In particular, effective March 1, 2013, the guidance in the following notices is repealed:

• Market Integrity Notice 2008-003 – Guidance – Supervision of Algorithmic Trading (January 18, 2008); and 
• IIROC Notice 09-0081 – Rules Notice – Guidance Note – UMIR – Specific Questions Related to Supervision of Algorithmic Trading (March 20, 2009).

• 3The term “investment dealer” is interpreted as “an investment dealer for the purposes of National Instrument 31-103 Registration Requirements, Exemptions and Ongoing Registrant Obligations”.
• 4See Market Integrity Notice 2008-003 – Guidance – Supervision of Algorithmic Trading - January 18, 2008.