As financial advisors see their regulatory responsibilities continue to evolve and expand to include rules related to such diverse areas as email communication and money laundering, it’s increasingly important for advisors to have a comprehensive compliance regime in place, according to Susan Allemang, head of regulatory and policy affairs with Independent Financial Brokers of Canada (IFB).
Speaking at the IFB fall summit in Toronto on Wednesday, Allemang urged advisors to pay close attention to the changing regulatory landscape, and to ensure they are adjusting and updating their compliance practices accordingly.
“If you’re chosen for a compliance audit, you certainly don’t want to be unprepared,” Allemang said. “You want to feel confident that you have the things in place that you need to be able to substantiate your compliance obligations.”
Allemang highlighted three of the most important compliance policies that independent advisors should have in place in the current regulatory environment.
1. Anti-money laundering policies
Advisors are subject to anti-money laundering (AML) and anti-terrorist financing rules set out by the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC).
The rules require advisors to have a compliance regime in place, Allemang said, with five key components:
- a designated compliance officer;
- a written policies and procedures manual;
- a detailed assessment of the level of risk that money laundering and terrorist financing pose in your business;
- a documented training program; and,
- a process for updating and re-evaluating the first four components of the regime every two years.
FINTRAC periodically audits the compliance practices of advisors and other financial industry players that are subject to the rules, and in cases where it finds violations, Allemang said advisors can face fines, or – in extreme cases – jail time.
She suggests completing the checklists available on the FINTRAC website to ensure you have the necessary practices in place.
2. Privacy policies
Advisors are required to protect their clients’ personal information under the Personal Information Protection and Electronic Documents Act (PIPEDA), and under certain provinces’ privacy legislation, according to Allemang.
Specifically, she said advisors should have policies in place that include the following four elements:
- a written privacy policy and signed consent forms from every client;
- a documented privacy breach procedure;
- a training program that is kept current as the legislation evolves; and,
- a commitment to the 10 privacy principles set out in PIPEDA.
Advisors should also be able to demonstrate that they take steps to protect any electronic information that they keep on file, Allemang says, such as using anti-virus software, encrypting sensitive data and using strong passwords.
3. Disclosure policies
Disclosure is currently a key area of focus for regulators, as demonstrated by the comprehensive new disclosure requirements being introduced under the second phase of the Client Relationship Model (CRM2), Allemang said.
Even though CRM2 only pertains to the securities industry, she said insurance regulators are also placing a greater emphasis on ensuring that clients are receiving sufficient information to make an informed decision when purchasing insurance products.
Insurance advisors should ensure that they are disclosing to clients all of the following information:
- companies you represent;
- compensation you receive, including and bonuses and travel rewards;
- conflicts of interest;
- consumers’ right to ask for additional information; and,
- client complaint mechanisms.