1. Guidance on Trading Supervision Obligations

This Notice clarifies IIROC’s expectations on the application of UMIR 7.1 and Policy 7.1. Participants are reminded that failure to develop, implement and maintain written policies and procedures in accordance with UMIR 7.1 and Policy 7.1 may result in disciplinary action against the firm, its management, employees, and board of directors.

As part of each review by Trading Conduct Compliance, IIROC will review the policies and procedures developed by the Participant to determine if they are reasonably designed to:

• ensure compliance with applicable Requirements
• prevent and detect violations of the Requirements.

IIROC will determine the reasonability of the policies and procedures by taking into account the size, nature of the business and the experience and training of the employees of the Participant.  However, we note that Trading Conduct Compliance reviews do not constitute an approval of the policies and procedures or supervision system by IIROC.

On an ongoing basis, the Participant’s board of directors must ensure that the principal risks for non-compliance with the Requirements have been identified, and that appropriate supervision and compliance procedures and systems to manage those risks have been implemented. Management of the Participant is responsible for ensuring that the supervision system is appropriately designed and effectively carried out.

Each Participant must ensure that its supervisory functions and compliance department are adequately funded, staffed and empowered to fulfill its responsibilities. Inadequate funding of the compliance department or supervisory functions may be taken into account in the context of any disciplinary action.

Part 1 of Policy 7.1 requires a Participant “to develop and implement a clearly defined set of policies and procedures that are reasonably designed to prevent and detect violations of Requirements”. Participants are reminded that the term “Requirements”, as defined in UMIR 1.1, includes more than just UMIR and its Policies. Specifically, “Requirements” includes:

• UMIR and its Policies
• National Instrument 23-101 (Trading Rules)
• rules, policies and other similar instruments adopted by a marketplace (Marketplace Rules)

• any direction, order or decision of the Market Regulator or a Market Integrity Official (Decisions)
• securities legislation.

Policy 7.1 sets out requirements for both supervisors and compliance departments and requires that a supervision system include both supervision policies and procedures and compliance policies and procedures.  Policy 7.1 uses a number of terms regarding supervision systems that are not specifically defined in UMIR or the Policy.  The following are IIROC’s administrative interpretations for these various terms:

• “supervision system” and “supervisory system” encompass the activities of both the supervision procedures and the compliance procedures
• “supervise”, “supervision”, “supervisor”, and “supervisory” refer to the responsibilities of the head of trading1 and “each person who has authority or supervision over or responsibility to the Participant for an employee of the Participant” with respect to the trading activities of the Participant as described in UMIR 7.1(4). A Participant may have more than one head of trading and any number of persons who have authority over the trading activity of employees
• “supervision procedures” are the policies and procedures to be followed by supervisors that are aimed at preventing violations from occurring
• “compliance department” and “monitoring” refer to the responsibilities of the persons responsible for the compliance activities of the Participant
• “compliance procedures” are the policies and procedures to be followed by the compliance department that are aimed at detecting whether violations have occurred
• “management” means those persons who are in supervisory roles, including those responsible for compliance department supervision.

Elements of a Supervision System

A supervision system must include both compliance procedures aimed at detecting violations and supervision procedures aimed at preventing violations. The ten elements of a supervision system listed in Part 2 of Policy 7.1 are primarily conceptual in nature and must be reflected in the overall structure of a Participant’s policies and procedures. A Participant cannot simply list each of these elements in its policies and procedures or affirm that each is being done. When evaluating a Participant’s policies and procedures, IIROC determines whether these elements have been appropriately considered and addressed. The following provides specific guidance on each element.

Element 1 – Identification of Relevant Requirements

A Participant’s policies and procedures must address all of the Requirements that apply to its business and trading. We remind Participants that the Requirements include not only UMIR but also the Trading Rules, Marketplace Rules, Decisions and securities legislation.

IIROC provides guidance to clarify the requirements of the rules and suggests acceptable methods that can be used to comply with specific IIROC requirements. Unless otherwise required by the rules, Participants may use alternative methods, provided that those methods demonstrably achieve the overall objective of Rule 7.1 and Policy 7.1.

Element 2 – Documentation of the Supervision System

A Participant’s written policies and procedures for both supervision and compliance must be sufficiently detailed such that a reasonably knowledgeable person can understand both when and how to comply with the policy or procedure. Testing methodologies must be described in a manner such that a reasonably knowledgeable person would be able to complete the test.

We expect the policies and procedures to:

• include a step-by-step description of the testing methodologies, together with any definitions that would be necessary to explain the logic of the procedures
• outline the principal elements of the testing methodology, including frequency, sample size, and sources of information to be used
• identify any exception reports, trading data and other documents to be reviewed as well as any systems that are used.

These policies and procedures must specifically address all Requirements that apply to the Participant’s type of business or trading. We do not expect a Participant to maintain policies and procedures for Requirements that do not apply to its business activities. Using a copy or a slightly augmented version of Policy 7.1 would not satisfy the requirement to develop, implement and maintain compliance or supervisory procedures. The procedures adopted by a Participant must be designed to address higher-risk areas and be appropriate for the size and type of business and trading conducted by the Participant. A Participant must update its policies and procedures when its activities change in order to address risks of non-compliance with the Requirements introduced by the new activities.

Element 3 – Training and Proficiency

Supervisors must have policies and procedures that are reasonably designed to ensure employees are educated and trained on:

• the applicable Requirements
• the procedures adopted by the Participant
• the electronic systems used by the Participant.

Supervisors must also ensure that there is adequate employee education and training to address:

• changes in Requirements, procedures or systems
• any problems found by compliance monitoring.

Multiple or inconsistent procedures may indicate that a firm has not adequately trained its employees or that the supervision system has not been adequately reviewed. Each Participant must document the education and training that it provides to employees.

Element 4 – Delegation of Supervisory and Compliance Personnel

Firms may delegate compliance or supervisory tasks to other staff of the Participant as long as it does not create a conflict of interest.  For example, it would be inappropriate for a supervisor to review the activities of a proprietary account where the supervisor has a direct or indirect interest in the performance of that proprietary account.  However, it may be appropriate to delegate the identification and reporting of extended failed trades to an operation group where the required information may be more readily available.

Supervisors and compliance staff retain the responsibility for their respective obligations, even where the tasks have been delegated to others.

Element 5 – Tailor Procedures to Fit the Participant’s Business

Policy 7.1 applies to all trading conducted by a Participant. This Policy is not limited to head office or institutional trading. A Participant’s supervision procedures must encompass all employees involved in the trading process and may include investment advisors and operations staff, as well as other staff that may be delegated tasks under Element 4.  Compliance monitoring must take into account all lines of business and locations.

Element 6 – Procedures for Dealing with Violations

Policies and procedures must include a process for handling potential violations of the Requirements including:

• taking steps to correct identified problems
• ensuring that problems are appropriately escalated within the Participant where appropriate.

The compliance department must report problems to trading supervisors or their delegates. A Participant does not meet the requirements under Policy 7.1 solely by monitoring trading. A Participant must also take appropriate steps to correct any problems that it has detected. Supervisors are responsible for ensuring that adequate steps are taken to address any problems identified. If supervisors do not adequately address identified problems, then compliance departments must ensure that the problems are escalated within the Participant to a higher management level or even the board of directors. These steps and corrective actions must be documented and maintained in an easily retrievable format. 

If compliance testing results indicate that the same or similar problems recur over an extended period of time, this may indicate that supervisors have not taken adequate steps to

• supervise activities
• correct problems that have been detected, or
• provide adequate training and education.

The continuation of a problem over an extended period may also indicate that the compliance department has not escalated the deficiencies to the appropriate management level.

Element 7 – Reviewing Supervision Systems

A Participant must ensure that its supervision system, including both supervision and compliance policies and procedures, remains effective and relevant by reviewing it at least annually.

Management must ensure that the supervision system is updated to reflect new Requirements, procedures, systems, business lines, offices and employees and that compliance testing continues to be effective.

Element 8 – Documenting Results of Compliance Reviews

Compliance reviews determine a Participant’s level of compliance generally and identify any areas where compliance with the Requirements requires improvement. IIROC expects compliance reviews to indicate

• if there is a compliance problem
• whether the problem is increasing or decreasing over time
• whether any previously identified issues have been adequately addressed.

For these reasons, tracking trends and patterns over several compliance reviews can be very useful.

Element 9 – Retaining Results of Reviews

IIROC requires that Participants summarize and retain the results of the supervision system review under Element 7 (including the compliance reviews under Element 8) in an easily retrievable format. Compliance review results must be verifiable. When undertaking a Trading Conduct Compliance review, IIROC will evaluate documentation of the required testing and may request the underlying sources for review.

Element 10 – Reports to Board of Directors2

Participants must provide a summary of the results of the supervision system review, under Element 7 (including the compliance review under Element 8), at least annually to its Board of Directors. However, any significant issue regarding the supervision system must be immediately reported to the Board of Directors.

As part of its review of the Participant, IIROC will request copies of the section of the minutes of the Board meeting where the results of these reviews were discussed, together with copies of the material provided to the board for its consideration. This documentation must include details of any corrective actions recommended and/or taken by the board of directors.

1. Questions and Answers

2. What is the difference between the roles of Supervision and Compliance?3

IIROC recognizes that the corporate structure of Participants may vary depending on the setup and business of the firm. The purpose in designating different roles for supervision and compliance in Element 4 of Part 2 in Policy 7.1 is to reinforce the following principles:

• Compliance with the Requirements is the responsibility of the Participant as a whole; it is not the responsibility of an isolated department, but an integral part of the business. The existence of a compliance department does not relieve anyone else of the obligation to act on or escalate compliance issues. Everyone at the Participant should understand the standards of conduct for their role, whether or not they are registered and/or approved.
• The compliance department’s role is to identify, advise, communicate, monitor and report on the Participant’s compliance with the Requirements. In addition to identifying issues, the compliance department must take appropriate steps to ensure that corrective measures are taken by supervisors and/or management. If corrective actions are not taken, the compliance officer4 must escalate the issue, according to the firm’s policies and procedures. A Participant’s escalation procedures must be included in its policies and procedures pursuant to Elements 6 and 10 of Part 2 of Policy 7.15 The steps taken by compliance officers and the corrective actions taken by supervisors and/or management must be documented, maintained and auditable under Element 9 of Part 2 of Policy 7.1.
• The role of supervision is the ongoing supervision of a business function or area.  A supervisor has the authority to implement changes on the operation of a business function or area.  Supervisors have authority over, and are accountable for, the business that they supervise.
• Compliance roles may identify issues and then refer these issues to the supervisor.  Supervisory roles have authority to resolve issues once they are identified.  IIROC looks at the following when determining whether an individual is in a supervisory or compliance role:
  1. policies and procedures
  2. the practice within the firm
  3. the individual’s responsibilities, authority and functions; not simply his or her title.

In certain instances, there may be some overlap between the roles of compliance and supervision. To avoid confusion, Participants should create job descriptions with clearly established reporting lines so that compliance officers understand when they may be expected to act in a supervisory capacity, or vice versa.

While duties can be delegated and individuals may have dual functions in certain circumstances, delegation must avoid putting individuals in a potential conflict of interest.  For example, it would not be appropriate to delegate a compliance function to an employee that reports to a trading supervisor where that delegation creates a conflict of interest. This may hamper the independence needed in carrying out the compliance function.

1. When will compliance officers be subject to enforcement action by IIROC?6

In a disciplinary hearing, the conduct of individuals will be measured against that of a reasonably proficient and diligent individual in that position. This is an objective standard that looks at what the individual ought to have known or done. It is always open to the individual to demonstrate that he or she exercised due diligence to prevent the harm that occurred.

A compliance officer may be subject to enforcement action if she or he:

• violates the Requirements or aids and abets another in such violations
• fails to supervise when she or he has been delegated or has assumed supervisory authority for particular business activities
• fails to identify rule violations, or, if after identifying a violation, fails to sufficiently escalate and follow-up the issue with management according to the standard of a reasonably proficient and diligent compliance officer. What is considered to be sufficient escalation and follow-up will often be fact-specific.

If IIROC is satisfied that the compliance officer has met these regulatory expectations, he or she will not be subject to an enforcement action.

1. What policies and procedures are required under Part 10 of Policy 7.1 regarding Audit Trail Requirements?  

Under the Requirements, the audit trail of an order should represent the complete life of the order, including a record of all client instructions.7 While not an exhaustive list, the following are examples of information that may be required to be included in the audit trail of an order under Part 10 of Policy 7.1:

• recording of the order type8, which may contain client instructions regarding the method of execution on the marketplace

• if a stop loss order, the trigger price, and once triggered, whether it will become a market or limit order (if limit order, include limit price)
• if a post only order (including whether it was rejected or cancelled by the marketplace)
• if a long-life order
• if it is entered as a Must Be Filled order
• if it is entered as a market-on-close or limit-on-close order, and if so, the limit price
• if it is a pegged order, and if so, the type of pegged order
• duration of order
  • whether it is a fill or kill order
  • whether it is an immediate or cancel order
  • whether it is a day order
  • whether it is a good-till-cancel (GTC) or good-till-date (GTD) order or good-till-time (GTT) – the limit price and good-till date (if GTD order) or good-till time (if GTT order) should be included
• if it is a dark order, and if so, the type of dark order (e.g. dark midpoint order)
• if it is entered as any other type of order available on a marketplace.

Participants may need to include additional designations that are required under Marketplace Rules, which are part of the Requirements. For example, where a Participant purchases securities on behalf of an issuer pursuant to a normal course issuer bid (NCIB), the order must include the “NCIB” marker where applicable. 

With respect to the short-marking exempt designation required by UMIR 6.2, we remind Participants to review whether an account should be marked as “short marking exempt” in accordance with IIROC Notice 12-0300.9 Participants must record the results of this review as part of the documentation required under Policy 7.1.

If a Participant enters an order on a marketplace without the appropriate order designation(s) as required under UMIR 6.2, and the order has been executed in whole or in part, the Participant must submit a regulatory marker correction report (RMCS Report) to IIROC.10

Participants should submit these reports immediately upon becoming aware that an order has been “mismarked” on its entry on any marketplace, regardless of how the Participant became aware of the error.11

A Participant must retain evidence of its review under Part 10 of Policy 7.1 for a period of five years pursuant to Element 9 of Part 2 of Policy 7.1.

1. Why is it important to retain order type information as part of the Audit Trail Requirements?

Participants should review whether certain order types are used as part of a manipulative or deceptive strategy. For example, order types similar to the post-only order may be used for the purpose of “pinging”12 or testing for dark liquidity as part of a strategy that involves quote manipulation. A complete audit trail of the order would facilitate effective testing under other parts of UMIR 7.1.

1. What policies and procedures are required under Part 3 of Policy 7.1 regarding frontrunning?

Participants must have policies and procedures reasonably designed to ensure that their trading does not violate UMIR 4.1 and Policy 4.1. Where a Participant has knowledge of a client order that on entry, could reasonably be expected to affect the market price of that security, policies and procedures must include a process to review for whether the Participant has:

• entered a principal or non-client order on the marketplace in that security or any related security
• solicited an order from any other person in that security or any related security
• informed any other person, other than in the necessary course of business, of the client order.

A Participant’s reviews may focus on the order and trade activity of proprietary and employee accounts trading ahead of client orders, especially client transactions that could reasonably be expected to impact the market. A representative sample of accounts should include:

• proprietary accounts
• non-client accounts that are held internally and outside of the Participant
• any related accounts. 

Examples of copies of information sources that a Participant may need to retain pursuant to Part 2 of Policy 7.1 include:

• trade tickets or electronic audit trail
• account statements
• relevant market data
• exception reports or alerts
• recordings of communications between the client and the Participant and/or between traders at the Participant, etc.  

If a Participant believes there may be a violation of UMIR 4.1 or Policy 4.1, the Participant must file a gatekeeper report within the applicable timeframe under UMIR 10.16.

1. What policies and procedures are required under Part 4 and Part 11 of Policy 7.1 regarding Client Priority and Order Handling?

Participants must have policies and procedures reasonably designed to ensure that their trading does not violate UMIR 2.1(2)(c), 5.3, 6.3 and 8.1. Policies and procedures should also include a step-by-step process to review for certain elements. The table below outlines these elements for the following situations:

Situation	Review Criteria
Client orders of 50 standard trading units and $100,000 or less	Whether the client order was immediately entered for display on a marketplace (UMIR 6.3(1))	If withheld from the marketplace: Whether an exemption under UMIR 6.3(1) was available If using the exemption under UMIR 6.3(1)(e), check if the client received as good a price as he/she would have received if the order was executed on receipt by the Participant (UMIR 6.3(2))
	Intentional cross against inventory account (that is not a facilitation account) or non-client account	Whether a specific client consent was obtained in advance of the trade? (Part 2 of Policy 8.1)
		Whether the client received a better price, provided the Participant took reasonable steps to ensure it was the best available price under prevailing market conditions (UMIR 8.1(1) and Policy 8.1) If the client did not receive a better price, whether an exemption under UMIR 8.1(2) or (3) was available?

 

Potential Problem Situations

Participants must also consider addressing potential problem situations when trading opportunities may be taken away from clients. Below are some examples of potential problem situations with respect to client priority that a Participant may consider including in its policies and procedures:

1. Retail brokers or their assistants withholding a client order to take a trading opportunity away from that client.
2. Others in a brokerage office inadvertently withholding a client order, taking a trading opportunity away from that client.
3. Agency traders withholding a client order to allow others to take a trading opportunity away from that client.
4. Proprietary traders using knowledge of a client order to take a trading opportunity away from that client.
5. Traders using their personal accounts to take a trading opportunity away from a client.

With respect to client priority, written policies and procedures pertaining to employee education and post-trade monitoring may consider including the following points:

• Education
  • Employees must know the applicable rules and understand their obligation for client priority.
  • Participants must ensure that all employees involved with the order handling process know that client orders must be entered into the market before non-client and proprietary orders, when they are received at the same time.
  • Train employees to handle particular trading situations that arise, such as client orders spread over the day and trading along with client orders.
• Post-Trade Monitoring Procedures
  • Document and follow-up on complaints from clients and Registered Representatives concerning potential violations of the Requirements.
  • Monitor traders’ personal accounts and those related to them, whether held at or outside of the Participant, to ensure no apparent violations of client priority have occurred.
  • Compare a sample of proprietary trades with contemporaneous client orders.
  • Consider both client orders entered into order management systems and manually handled orders, such as those from institutional clients, when reviewing proprietary trades.
  • Use a sample size that sufficiently reflects the trading activity of the Participant when reviewing proprietary trades.
  • Examine potential problems found during these reviews to determine if an actual violation of UMIR has occurred. The Participant must retain documentation of these potential problems and examinations pursuant to Element 9 of Part 2 of Policy 7.1.
  • Take the necessary steps to correct problems when violations are found.  Document corrective actions taken as required under Element 9 of Part 2 of Policy 7.1.

A Participant may conduct a manual review and/or rely on automated exception reports to review trading. The procedures should specify the criteria for manual reviews and the specifications and parameters of any automated exception reports. A Participant should use a risk-based approach and take the following into account when selecting a sample for review:

• orders handled by employees of the Participant

• orders for client who trade through different platforms at the Participant
• orders jitneyed in from another Participant
• orders received from a Dealer Member that is not a Participant.

Under Part 2 of Policy 7.1, a Participant may need to retain copies of information sources such as:

• trade tickets or electronic audit trail
• trading blotters (electronic or hard copy)
• relevant market data
• exception reports or other relevant reports.

1. What policies and procedures are required under Part 5 of Policy 7.1 regarding Manipulative and Deceptive Activities and Specific Unacceptable Activities?

Participants, as gatekeepers, must develop, implement and maintain policies and procedures that are reasonably designed to detect, prevent, investigate and report potential manipulative activity under UMIR 2.1, UMIR 2.2, Policy 2.2, Policy 7.1 and UMIR 10.16. A Participant’s policies and procedures must include steps to test for each of the following:

1. Artificial Price or Misleading Appearance of Trading Activity

Orders or trades that create an artificial price or misleading appearance of trading activity, such as potential high or low closing trades, ramping near the close, and artificial closing bids and offers are contrary to UMIR 2.2(2) and Policy 2.2.

A price is artificial where it is not justified by real demand or supply. One of the relevant considerations in determining whether a price is artificial is if the Participant or account involved in the order is motivated to establish an artificial price, which may include an attempt to affect the market value of a security.

Procedures should also consider whether the person entering an order is:

• an insider
• an associate of an insider
• part of an associate of a promotional group or other group with an interest in effecting an artificial price, either for banking and margin purposes, for purposes of effecting a distribution of the securities of the issuer or for any other improper purpose.

2. Wash Trades

A wash trade is a trade that involves no change in beneficial or economic ownership. It is contrary to Policy 2.2 to engage in wash trades (Policy 2.2, Part 1(b)).

Participants should regularly monitor for wash trades and consider instances where the same beneficial or economic owner has an interest in, or controls, more than one account or related account that may be held on the same or different platforms at the Participant.

To prevent an inflation of trading volume during the day, a Participant should take reasonable measures to prevent wash trades from occurring. The Participant should document the methods used to prevent wash trades under Part 2 of Policy 7.1.

While a Participant may make use of marketplace tools, it is still responsible for monitoring and preventing wash trades. All wash trades that have not been cancelled, including wash trades that were generated by automated program trading systems, must be reported to IIROC under UMIR 10.16, which can be done on a monthly basis or more frequently if desired.13

3. Double Printing

Double printing refers to two trades printed on a marketplace when only one trade was required to execute the order. This activity is prohibited under UMIR 2.2(2)(a). Double printing creates artificial volume and results in inflated trading volume figures for both the firm and the marketplace.14

4. Orders or trades that abuse the minimum guaranteed fill facility of a person with Marketplace Trading Obligations15

It is contrary to UMIR 2.1(1)(b) to split a larger order into two or more orders on a particular trading day in order to intentionally impose an obligation on the person with a Marketplace Trading Obligation to:

• execute with one or more of the orders, or
• purchase at a higher price or sell at a lower price with one or more of the orders.

5. Trades that fail to settle16

Participants must ensure that they submit the proper notice to IIROC for trades that fail to settle within ten trading days following the settlement date pursuant to UMIR 7.10 (extended failed trade).

It is contrary to UMIR 2.1(1)(a) if a person enters into a transaction for the purpose of rectifying a failed trade prior to the time that a report must be filed under UMIR 7.10 and the person knows or ought reasonably to know that the transaction will result in “re-aging” for the purpose of avoiding reporting obligations.

Where the extended failed trade is the result of:

• principal trading by the Participant, then the Participant must ensure that there is no additional shorting in that particular security without a pre-borrow under UMIR 6.1(4), subject to the exemption in UMIR 6.1(4)(b)
• client trading, then the Participant must ensure that the client will be unable to short without a pre-borrow on any listed security under UMIR 6.1(6), subject to the exemption in UMIR 6.1(6)(b).

6. Manipulative and Deceptive Activities

Trading strategies known as spoofing, layering, abusive liquidity detection, quote manipulation, and quote stuffing, are examples of activity that would be considered manipulative and deceptive under UMIR 2.2 and Policy 2.2.17 These strategies are prohibited whether they are conducted manually or electronically.

1. Spoofing
   Spoofing involves the entering of non-bona fide orders that are not intended to be executed and is contrary to UMIR 2.2(2) and Part 2(f) of Policy 2.2. This includes entering non-bona fide orders to check market depth, to check for the presence of an iceberg order, to affect the Calculated Opening Price, or other improper purpose.
2. Layering
   Layering involves placing a bona fide order on one side of the market while simultaneously layering orders on the other side of the market without intention to trade. The purpose is to bait other market participants to react and trade with the bona fide order on the other side of the market at an artificial price. A variation of this strategy is referred to as intraday spoofing.18 Trading strategies such as layering and intraday spoofing are prohibited under UMIR 2.2(2), and Parts 2 and 3 of Policy 2.2.
3. Abusive Liquidity Detection
   Abusive liquidity detection includes the use of fictitious orders to detect the existence of a buyer or seller with the intention of trading ahead of, rather than with, the buyer or seller, contrary to UMIR 2.2(1) and Policy 2.2.19
4. Quote Manipulation
   Quote manipulation involves entering non-bona fide orders on visible markets in an attempt to change the national best bid or national best offer and affect the price calculation at which a trade will occur with a dark order. This results in a trade with the dark order at an improved price, following which orders are removed from the visible market. Quote manipulation is prohibited under UMIR 2.2(1), (2)(b) and Part 2(e) of Policy 2.2.
5. Quote Stuffing
   Quote stuffing refers to entering excessive market data messages with the intent to ‘flood’ systems and create ‘information arbitrage’ opportunities, which is contrary to UMIR 2.2(1).

Supervisory functions or the compliance department may rely on automated alerts for the detection of potential manipulative or deceptive activity. However, Participants should conduct further post-order or post-trade reviews in order to determine whether potential manipulative activity may have occurred. Access to historical market data may assist in reviewing whether triggered alerts constitute potential violations of the Requirements.

Participants should regularly review alert parameters to ensure they capture all appropriate activity. In addition, Participants should retain documentation of these reviews for at least five years as part of the requirements under Element 9 of Part 2 of Policy 7.1.

While IIROC does not expect Participants to review every triggered alert, pursuant to Element 8 of Part 2 of Policy 7.1, the policies and procedures must set out the criteria on which a review will be undertaken. If samples are used, the procedures must state how to select a sample, including the sample size. Sample sizes should cover all types of accounts across all lines of the business. We expect Participants to use a risk-based approach when selecting samples and the period of activity to be reviewed. This risk-based approach should take into account factors such as the size of the accounts, nature of trading, volume of activity, commissions generated and any pertinent information about account holders. Other considerations include:

• Sampling a higher percentage of orders that were entered directly by clients ( e.g. either through direct electronic access or self-directed accounts). The Participant retains supervisory and compliance responsibility for all its orders, irrespective of the source of the order or the means by which the order is transmitted to a marketplace.
• Enhanced supervision of trading for account(s) that have a history of questionable conduct.

The above list is not exhaustive and may not include all forms of potentially manipulative and deceptive activity. IIROC recognizes that, due to changes in market structure and technology, trading strategies and forms of potential manipulative and deceptive activity will continue to evolve. As part of the annual review of the supervisory system under Element 7 of Part 2 of Policy 7.1, Participants should ensure that their policies and procedures continue to be effective and are reasonably designed to prevent and detect new types of manipulative or deceptive behaviour.

If a Participant believes there may be a violation of UMIR 2.1, UMIR 2.2 or Policy 2.2, the Participant must file a gatekeeper report within the applicable timeframe under UMIR 10.16

1. What policies and procedures are required under Part 12 of Policy 7.1 with respect to the trading of securities on a Grey or Watch List?

A grey or watch list contains the names of issuers of whom the Participant may have inside information.20

Trading these securities by proprietary, employee or related accounts may not be subject to trading restrictions, but should be subject to scrutiny.

Trading on inside information is contrary to the Requirements. As part of complying with UMIR 7.1, a Participant should monitor the trading of proprietary and employee accounts, whether held internally or outside the firm. 

Enhanced supervision may be appropriate for accounts:

• held by employees that are more likely to come into contact with sensitive information,
• over which employees have control and/or trading authority, or  
• held by entities that may be related to employees.

Trading reviews may consider any or all of the following:

• unusual trading patterns
• timing of orders and trades, especially before a public announcement
• first time purchase or sale of a security
• trade(s) that represent a significant percentage of a portfolio
• use of information sources such as records of communications by employees, or internal access logs that may reveal the identity of users that may have viewed sensitive documents.

Pre-approval of trading helps monitor activity on a pre-trade basis in employee accounts, whether held at the Participant or externally at another firm. Participants should retain evidence of trading pre-approval under Element 9 of Part 2 of Policy 7.1.

A Participant violates UMIR 2.3 if it enters an order on a marketplace that it knows or reasonably ought to know would result in a violation of the Requirements. If the Participant believes there may be a violation of UMIR 2.3, the Participant must file a gatekeeper report within the applicable timeframe under UMIR 10.16.

1. What policies and procedures are required under Part 12 of Policy 7.1 with respect to the review of trading in Restricted Securities?

UMIR 7.7(1) and (2) prohibit certain activity in a restricted security during the restricted period.

Participants must have policies and procedures to look for:

• orders for a restricted security during the restricted period from proprietary and employee accounts of the dealer-restricted person, or accounts over which the dealer-restricted person exercises direction or control, that are not permitted  under an exemption in UMIR 7.7(4), (7) or (8)

• orders for a restricted security during the restricted period from a dealer-restricted person when acting for an issuer-restricted person, for the account of the issuer-restricted person or an account over which the issuer-restricted person exercises direction or control, that are not permitted under an exemption in UMIR 7.7(5)

• orders and/or trades in the restricted security during the restricted period entered or executed pursuant to an exemption under UMIR 7.7 but that may be manipulative or deceptive
• publication of information, opinions or recommendations on a restricted security during the restricted period that is not permitted under an exemption in UMIR 7.7(6).

If the Participant believes there may be a violation of UMIR 7.7, the Participant may report the potential violation to IIROC.

1. Impact on Existing Guidance

This Guidance repeals and replaces the following Guidance as shown:

• Market Integrity Notice 2003-025 Guidance – Guidelines on Trading Supervision Obligations (November 28, 2003)
• Market Integrity Notice 2006-023 Guidance - Joint Regulatory Notice - The Role Of Compliance And Supervision (November 30, 2006)

• 1Head of trading” refers to the individual responsible for supervising the trading activities of the Participant in a marketplace, appointed under UMIR 7.1(3)
• 2Board of directors, or individuals acting in a similar capacity at the Participant
• 3Market Integrity Notice No. 2006-023 – Guidance Note – UMIR – Joint Regulatory Notice – The Role of Compliance and Supervision (November 30, 2006). See also IIROC Notice 12-0379 – Guidance Note – DMR – The Role of Compliance and Supervision (December 17, 2012)
• 4References to “compliance officer” in this Notice include individuals designated as the Chief Compliance Officer under s. 38.7 of the IIROC Dealer Member Rules.
• 5IIROC Notice 12-0379 at page 6.
• 6IIROC Notice 12-0379 at page 7.
• 7Section 11.2 Audit Trail Requirements for Dealers and Inter-Dealer Bond Brokers of NI 23-101 Trading Rules provides the recording requirements for the receipt or origination of an order, including:
  (p) any client instructions or consents respecting the handling or trading of the order, if applicable
• 8Section 11.2 Audit Trail Requirements for Dealers and Inter-Dealer Bond Brokers of NI 23-101 Trading Rules provides the recording requirements for the receipt or origination of an order, including:
  (i) whether the order is a market order, limit order or other type of order, and if the order is not a market order, the price at which the order is to trade. [emphasis added]
  See also UMIR 6.2(1)(b)(xvi), which provides that each order entered on a marketplace shall contain a designation acceptable to the Market Regulator for the marketplace on which the order is entered, if the order is of a type for which the Market Regulator may from time to time require a specific or particular designation.
• 9IIROC Notice 12-0300 – Guidance Note – UMIR – Guidance on “Short Sale” and “Short-Marking Exempt” Order Designations (October 11, 2012). See also IIROC Notice 13-0053 – Guidance Note – UMIR – Guidance on Certain Manipulative and Deceptive Trading Practices (February 14, 2013).
• 10IIROC Notice 08-0033 – Guidance Note – UMIR – New Procedures for Order Marker Corrections (July 15, 2008).
• 11See above
• 12A “pinging” order is a tradeable order that can be used to search for and access all types of non-displayed liquidity, including in dark pools and dark orders on displayed marketplaces. See IIROC Notice 13-0053 – UMIR – Guidance Note – Guidance on Certain Manipulative and Deceptive Trading Practices (February 14, 2013).
• 13IIROC Letter dated 21 April 2014 to Investment Industry Association of Canada.
• 14Market Integrity Notice 2003-002 – Rules Notice – UMIR - Prohibition on Double Printing (January 13, 2003).
• 15UMIR 2.1(1)(b) and Market Integrity Notice 2007-011 – UMIR – Guidance Note – Compliance Requirements for Order-Execution Services (April 20, 2007).
• 16UMIR 2.1(1)(a), UMIR 7.10 and Market Integrity Notice 2007-011 – UMIR – Guidance Note – Compliance Requirements for Order-Execution Services (April 20, 2007).
• 17IIROC Notice 13-0053 – UMIR – Guidance Note – Guidance on Certain Manipulative and Deceptive Trading Practices (February 14, 2013).
• 18Zhen (Steven) Pang and Oasis World Trading Inc. (14 December 2015), online: OSC
  <http://www.osc.gov.on.ca/en/Proceedings_enr_20151214_panzz-oasis.htm>.
• 19Re Zhang 2013 IIROC 35.
• 20Inside information is defined in OSC Policy 33-601 to mean a material fact or material change with respect to a reporting issuer that has not been generally disclosed.