Securities Law & Instruments

PDF Version

PDF Version


CSA NOTICE OF APPROVAL

AMENDMENTS TO NATIONAL INSTRUMENT 23-103 ELECTRONIC TRADING



I. Introduction

The Canadian Securities Administrators (CSA or we) have made amendments to National Instrument 23-103 Electronic Trading (Instrument or NI 23-103) and its related Companion Policy 23-103 (CP) (together, the Amendments). The Amendments institute a consistent framework for marketplaces and marketplace participants regarding the offer and use of direct electronic access (DEA) to ensure that risks associated with DEA are appropriately managed. The Amendments will change the title of NI 23-103 to Electronic Trading and Direct Electronic Access to Marketplaces.

The Amendments have been adopted or are expected to be adopted by each member of the CSA. Provided all necessary ministerial approvals are obtained, the Amendments will come into force on March 1, 2014. We are publishing the text of the Amendments along with a blackline copy that identifies the Amendments concurrently with this Notice. The text of the Amendments is contained in Annexes A through C of this Notice and will also be available on the websites of various CSA jurisdictions.

We have worked closely with staff of the Investment Industry Regulatory Organization of Canada (IIROC) in developing and finalizing the Amendments and we thank them for sharing their knowledge and expertise. IIROC is also publishing today final amendments to the Universal Market Integrity Rules (UMIR) and dealer member rules that reflect and support the Amendments. More information is found at www.iiroc.ca.

Jurisdictions that are a party to Multilateral Instrument 11-102 Passport System (currently all jurisdictions except Ontario) have finalized amendments (Passport Amendments) to that instrument that permit the use of the passport system for aspects of NI 23-103. The Passport Amendments are found at Annex D of this Notice.

II. Background

On April 8, 2011, we published the Instrument for comment. It proposed requirements to regulate electronic trading generally, including the provision of DEA. We finalized the Instrument in June, 2012 but did not include requirements related to DEA as we continued to work with IIROC staff to create a regulatory framework that would treat similar types of third party access to marketplaces similarly, both at the CSA and IIROC level.

We subsequently published proposed amendments to the Instrument and CP related to DEA (2012 Proposed Amendments) on October 25, 2012. The 2012 Proposed Amendments included proposed requirements that would impose obligations on participant dealers{1} who offer DEA to their clients to appropriately manage the participant dealers' risks associated with providing DEA. The 2012 Proposed Amendments, together with IIROC's proposed UMIR and dealer member rule amendments related to third party electronic access to marketplaces, introduced a framework that treats similar forms of marketplace access and the risks that arise from these forms of access in a similar manner.

III. Summary of Written Comments Received by the CSA

We thank all three commenters for their submissions in response to the 2012 Proposed Amendments. A list of those who submitted comments, a summary of the comments and our responses to them are attached at Annex E to this Notice. Copies of the comment letters are posted at www.osc.gov.on.ca.

IV. Substance and Purpose of the Amendments

Developments in technology have not only increased the speed of trading but also have enabled marketplace participants to provide their clients with access to marketplaces more easily. The CSA think that there are risks associated with providing a client with DEA and that to ensure these risks are appropriately managed it is important to institute a consistent framework for marketplaces and marketplace participants relating to the offering and use of DEA.

The only DEA specific rules or policies that are currently in place have been set by marketplaces.{2} These rules and policies can vary between marketplaces and there is no consistent standard of interpretation of these requirements. We think that having a consistent framework for the offering and use of DEA in the Instrument reduces the risk of arbitrage among participant dealers providing DEA and also among marketplaces that have differing DEA standards or requirements.

The CSA have taken the view that whether a participant dealer is trading for its own account, for a customer or is providing DEA, the participant dealer is responsible for all trading activity that occurs under its marketplace participant identifier (MPID). Allowing the use of complicated technology and strategies, including high frequency trading strategies, through DEA brings increased risks to the participant dealer. For example, a participant dealer may be held responsible for the execution of erroneous trades that occur via DEA under its MPID, even when these trades go beyond its financial capability. As well, a participant dealer may be responsible for the lack of compliance with marketplace or regulatory requirements for DEA orders entered using its MPID.

Therefore, we think that appropriate controls are needed to manage the financial, regulatory and other risks associated with providing DEA to ensure the integrity of the participant dealer, the marketplace and the financial system.

The Amendments introduce requirements to assist a marketplace participant in managing these risks appropriately. As well, the Amendments will further serve the integrity of our markets by requiring specific controls to be in place to reduce the risk of violations of regulatory requirements through DEA trading and to better identify DEA trading. For example, the Amendments will help ensure that DEA trading is only conducted by clients that have a reasonable knowledge of applicable marketplace and regulatory requirements. In addition, the Amendments will allow DEA trading to be more readily tracked by regulators through the use of DEA client identifiers.

Below is a summary of the main requirements imposed by the Amendments.

(i) Provision of DEA

The Amendments allow only a participant dealer (i.e. a marketplace participant that is an investment dealer or in Québec, a foreign approved participant) to provide DEA.{3}

As well, a participant dealer may not provide DEA to a client that is acting and registered as a dealer with a securities regulatory authority.{4} We have specifically excluded investment dealers and foreign approved participants from receiving DEA as clients in the definition of "direct electronic access" because we think dealer-to-dealer arrangements (known as "routing arrangements" under UMIR) will be better dealt with in IIROC or, in the case of foreign approved participants, Montréal Exchange Inc. (Montréal Exchange), rules that specifically address these types of arrangements.

It is the CSA's view that a client acting and registered as a dealer with a securities regulatory authority must not be provided with DEA because we think that dealers that are not investment dealers should not have low latency electronic access to marketplaces since they are not subject to IIROC or Montréal Exchange rules related to dealer-to-dealer arrangements.

The requirement under subsection 4.2(2) will not prevent a client that is acting and registered as a dealer from using methods other than DEA to trade.

For an entity registered both as a dealer and an adviser, we note that it would be eligible for DEA provided that it only uses DEA when acting in its capacity as an adviser and not in its capacity as a dealer. If this entity uses DEA to place orders for its non-advisory clients, then we would consider it to be using DEA in its capacity as a dealer and therefore to be inappropriately using DEA. Similarly, if a foreign dealer is registered as a dealer, it would be eligible for DEA provided that it only uses DEA when acting in its capacity as a foreign dealer and not in its capacity as dealer for Canadian clients.{5}

The Amendments also address the issue of the use of DEA by individuals. DEA, especially when used in conjunction with complex trading strategies and algorithms, requires a high level of trading knowledge to be used appropriately. While we do not think that that most individuals possess this level of trading knowledge, there may be circumstances in which sophisticated individuals who have access to the necessary technology and resources, such as former registered traders or floor brokers, can use DEA appropriately. In this type of circumstance and if a participant dealer establishes and applies appropriate DEA client standards, we would consider it to be acceptable for individuals to use DEA.

(ii) Minimum Standards for DEA Clients

DEA clients may be large, institutional investors with regulatory obligations while others may be retail clients that have particular sophistication and resources to be able to manage DEA trading.

We think that a participant dealer must understand its risks in providing DEA and address those risks when establishing its minimum standards for providing DEA. We also expect a participant dealer to ensure that it can adequately manage its DEA business, such as having the necessary staffing, technology and other required resources, as well as having the financial ability to withstand the increased risks of providing DEA.

Therefore, the Amendments require that before granting DEA to a client, a participant dealer must first establish, maintain and apply appropriate standards for providing DEA and assess and document whether each potential DEA client meets these standards.{6} An important step in addressing the financial and regulatory risks associated with providing DEA is a participant dealer conducting due diligence on its prospective DEA clients. A thorough vetting of each DEA client will help a participant dealer ensure that the client meets the necessary standards and will help prevent the participant dealer from being unduly exposed when providing DEA. A participant dealer may conclude that it is not appropriate to offer DEA to a potential DEA client.

A participant dealer's DEA standards must include that the client has:

• sufficient resources to meet any financial obligations that may result from the use of DEA by that client,

• reasonable arrangements in place to ensure all individuals using DEA on behalf of the client have reasonable knowledge of and proficiency in the use of the order entry system,

• reasonable knowledge of and the ability to comply with all applicable marketplace and regulatory requirements, and

• reasonable arrangements in place to monitor the entry of orders through DEA.{7}

We consider the above standards to be the minimum necessary for a participant dealer to properly manage its risks but note that for a participant dealer to appropriately manage its risks, the participant dealer must assess and determine whether it needs any additional standards given its business model and the nature of each prospective DEA client. Standards that apply to an institutional client, for example, may differ from those that apply to an individual.

The Amendments do not set out an "eligible client list" that imposes specific financial standards upon DEA clients as found in the current DEA rules and policies at the marketplace level. We think that a participant dealer should have the flexibility to determine the specific levels of the minimum standards in order to accommodate its business model and appetite for risk. This approach is in keeping with global standards related to DEA.

In order to ensure that the established minimum DEA client standards are maintained, the Amendments require a participant dealer to annually assess, confirm and document that each DEA client continues to meet these standards.{8}

(iii) Written Agreement

In addition to minimum DEA client standards, we think that certain requirements for the provision of DEA should be part of every DEA arrangement to make sure that the risks of providing DEA are appropriately addressed. Therefore, the Amendments require that before providing DEA, a participant dealer must have a written agreement with each DEA client that specifies that:

• the DEA client will comply with marketplace and regulatory requirements,

• the DEA client will comply with the product limits and credit or other financial limits specified by the participant dealer,

• the DEA client will take all reasonable steps to prevent unauthorized access to the technology that facilitates the DEA,

• the DEA client will fully co-operate in connection with any investigation or proceeding by marketplaces or regulation services providers with respect to the trading conducted pursuant to the DEA provided,

• the DEA client will immediately inform the participant dealer if it fails or expects not to meet the standards set by the participant dealer,

• when the DEA client is trading for the accounts of another person or company, it will ensure that the orders of the other person or company are transmitted through the systems of the DEA client and will be subject to reasonable risk management and supervisory controls, policies and procedures,

• the DEA client will immediately provide the participant dealer in writing with the names of all personnel acting on the DEA client's behalf that it has authorized to enter an order using DEA, and

• the participant dealer has the authority, without prior notice, to reject, cancel or discontinue accepting orders and to vary or correct an order to comply with a marketplace or regulatory requirement.{9}

While these requirements are expected to address many of the risks associated with providing DEA, a participant dealer may add other provisions to the written agreement it thinks are necessary to manage its specific risks.

(iv) Training of DEA Clients

In order to address the market integrity risk that providing DEA can pose to a participant dealer, the Amendments require a participant dealer to be satisfied that a prospective DEA client has reasonable knowledge of marketplace and regulatory requirements as well as the DEA client standards the participant dealer has established before providing DEA to that client.{10} The participant dealer must determine what, if any, training a prospective DEA client requires to ensure the client has the requisite knowledge. Therefore, while no specific type of training is mandated by the Amendments, depending on the client and the trading it plans to do, the participant dealer may determine that a DEA client must take the same types of courses as is required for an approved participant under UMIR.

As well, in order to ensure that a DEA client is kept up to date with respect to applicable marketplace and regulatory requirements, a participant dealer must ensure that a DEA client receives any relevant amendments to these requirements.{11}

(v) DEA Client Identifier

The Amendments require a participant dealer to ensure that a DEA client is assigned a unique DEA client identifier that will be associated with every order the client sends using DEA.{12} In addition to this requirement, the Amendments prohibit a marketplace from permitting its participants to provide DEA unless the marketplace's systems support the use of DEA client identifiers.{13}

These provisions will allow regulators to identify DEA trading more readily and to more easily determine the specific DEA client behind each trade. We note that DEA client identifiers are currently being used on certain Canadian marketplaces and are of the view that mandating this practice across all marketplaces will help regulators to carry out their functions more effectively.

(vi) Trading by DEA Clients

In order to appropriately manage the risks of providing DEA, we do not think that DEA clients should pass on or provide their DEA access to another person or company. The CSA think that this "sub-delegation" of DEA would exacerbate the risks that DEA poses to the Canadian market by widening the breadth of market access to participants who do not have any incentive or obligation to comply with the regulatory requirements or any financial, credit or position limits imposed by participant dealers. Therefore, the Amendments prohibit a DEA client from providing its DEA to another person or company other than the personnel it has authorized under subparagraph 4.4(a)(vii) of the Instrument.{14}

In order to contain the use of DEA and limit the risks it poses to the participant dealer, the Amendments generally only allow a DEA client to trade for its own account. However, certain DEA clients may trade for the account of another person or company using DEA. Specifically, a person or company that: (i) is registered or exempted from registration as an adviser under securities legislation or (ii) carries on business in a foreign jurisdiction, is permitted to trade for the account of another person or company in that jurisdiction using DEA and is regulated in the foreign jurisdiction by a signatory to the IOSCO Multilateral Memorandum of Understanding, may trade for the account of another person or company using DEA.{15}

(vii) Application of Part 2.1 of the Instrument

The IIROC UMIR and dealer member rule amendments are intended to provide a comprehensive framework to regulate various forms of third-party electronic access to marketplaces provided by their participants and to complement the Amendments.

To avoid duplication with respect to DEA, section 4.1 of the Instrument exempts a participant dealer from complying with the requirements in Part 2.1 if it complies with requirements that are similar to those in Part 2.1 and have been established by a regulation services provider, or a recognized exchange or a recognized quotation and trade reporting system (QTRS) that directly monitors the conduct of its participants. We think that if the risks associated with providing and using DEA are similarly covered under the rules of a regulation services provider, or a recognized exchange or QTRS that performs its own regulation, then the requirements in Part 2.1 of the Instrument are not needed.

However, if a participant dealer is providing DEA access to a client and is not subject to similar requirements, it would still need to adhere to the requirements in Part 2.1. For example, a marketplace participant that is a member of the Montréal Exchange and provides DEA but is not subject to the UMIR requirements related to DEA would need to follow the requirements in Part 2.1 until the Montréal Exchange implements requirements similar to those in Part 2.1.

V. Summary of Changes to the 2012 Proposed Amendments

While the Amendments are substantially similar to the 2012 Proposed Amendments, this section describes the non-material changes the CSA have made to the proposed amendments published for comment on October 25, 2012.

(i) Definition of DEA

We have revised the definition of DEA to exclude investment dealers and in Québec, foreign approved participants, from its terms. This definition is now more consistent with the concept of DEA as outlined in UMIR and the change was made to address a comment that asked both the CSA and IIROC proposals to be as similar as possible to avoid confusion. We note that the granting of access to marketplaces by participant dealers to investment dealers or foreign approved participants of the Montréal Exchange is to be governed either by the rules of IIROC or soon to be proposed rules by the Montréal Exchange.

(ii) Definition of Participant Dealer

We have revised the definition of participant dealer to clarify that in Québec, this term includes foreign approved participants as that term is defined in the Rules of the Montréal Exchange from time to time.

(iii) Provision of DEA

Subsection 4.2(2) of the Instrument does not allow DEA to be provided to a person or company that is acting and registered as a dealer with a securities regulatory authority. The initial provision proposed that DEA could only be provided to registrants that were either portfolio managers or restricted portfolio managers. We received a comment that the proposed provision would benefit from greater clarity by specifying the entities that may not receive DEA. We agree with this comment and have revised the wording to clarify that a client acting and registered as a dealer may not be provided with DEA from a participant dealer. This provision would apply to a client registered as a mutual fund dealer, scholarship plan dealer, exempt market dealer and a restricted dealer.{16} The revised wording is also meant to clarify that a participant dealer may provide DEA to any other client that satisfies the criteria of sections 4.3, 4.4 and 4.5 of the Instrument, including banks and trust companies.

We think that, in order to prevent regulatory arbitrage, a client registered in a category of dealer, other than "investment dealer", should not have this type of electronic access to marketplaces through a participant dealer since such a client is not subject to IIROC rules.

(iv) Standards for DEA clients

Under subsection 4.3(1) of NI 23-103, a participant dealer must not provide DEA to a client unless it has established, maintains and applies standards that are reasonably designed to manage, in accordance with prudent business practices, the participant dealer's risks associated with providing DEA. Changes to the wording of this subsection were made to align it with the standard in paragraph 3(1)(a) of the Instrument that requires marketplace participants to establish, maintain and ensure compliance with risk management and supervisory controls, policies and procedures that are reasonably designed to manage, in accordance with prudent business practices, the risks associated with marketplace access or providing clients with access to a marketplace.

We also added in subsection 4.3(3) of NI 23-103, that a participant dealer must assess and document as well as confirm on an annual basis that a DEA client continues to meet the standards established by the participant dealer. This change clarifies what actions the participant dealer must take during this annual confirmation.

(v) Written Agreement

Subsection 4.4(b) requires that a written agreement between the participant dealer and the DEA client provide that a participant dealer is authorized to reject or cancel any order or discontinue accepting orders from the DEA client without prior notice. The proposed provision also required that a participant dealer be authorized to vary or correct any order. We revised this proposed requirement so that a participant dealer need only be authorized to vary or correct an order to comply with a marketplace or regulatory requirement. This change addresses the concern that a DEA client may be uncomfortable with authorizing a participant dealer to vary or correct an order without notice and therefore change the DEA client's risk portfolio without the DEA client's knowledge. We note that this authorization is the minimum required by the CSA and that a participant dealer may impose more stringent requirements pertaining to its authorization that it thinks are necessary to appropriately manage its risks in providing DEA.

(vi) DEA Client Identifier

The 2012 Proposed Amendments included a requirement for a participant dealer to assign a DEA client identifier upon providing DEA to a DEA client. To ensure consistency with the UMIR amendments related to third party access, we have modified this requirement so that participant dealers must ensure the client is assigned a DEA client identifier. We expect that the current method of assigning DEA client identifiers used by the regulation services provider will continue to be used into the foreseeable future. However, the revised wording can accommodate any future changes to this process while ensuring that a client will only trade using DEA once it has received a unique DEA client identifier.

(vii) Trading by DEA Clients

Section 4.7 requires that if a DEA client is using DEA and trading for the account of another person or company, the orders of the other person or company must be transmitted through the systems of the DEA client before being entered on a marketplace through a participant dealer.

We received comments that the prohibition against providing DEA to a DEA client trading for the account of another person or company in subsection 4.7(1) did not correspond to the permissions in subsection 4.7(2) that referred to "clients". To rectify this inconsistency, we have modified the wording to use "person or company" throughout this section of the Instrument.

We also received comments that the wording between the UMIR amendments related to DEA should be as similar as possible to the provisions found in the Instrument. We modified some of the language in this section to conform to the language used in the corresponding UMIR amendments.

Finally, wording in subsection 4.7(1) has been modified to replace the term "is registered in a category analogous" to a portfolio manager or restricted portfolio manager with "carries on business" to address a concern that it may be difficult to determine whether a registration category in a foreign jurisdiction is analogous to the CSA's portfolio manager or restricted portfolio manager category. We think that the revised wording of "carries on business" will enable participant dealers to more readily identify DEA clients that are eligible to trade for the account of another person or company.

VI. Contents of Annexes

Annex A -- Amending Instrument for NI 23-103

Annex B -- Blackline of NI 23-103 indicating the Amendments

Annex C -- Blackline of 23-103CP indicating the Amendments

Annex D -- Passport System Amendments

Annex E -- Comment Summary and CSA Responses

VII. Questions

The Amendments are available on certain websites of CSA members, including:

www.lautorite.qc.ca

www.albertasecurities.ca

www.bcsc.ca

www.osc.gov.on.ca

Please refer your questions to any of the following:

Sonali GuptaBhaya
Tracey Stern
Ontario Securities Commission
Ontario Securities Commission
416-593-2331
416-593-8167
sguptabhaya@osc.gov.on.ca
tstern@osc.gov.on.ca
 
Paul Romain
Serge Boisvert
Ontario Securities Commission
Autorité des marchés financiers
416-204-8991
514-395-0337 ext. 4358
promain@osc.gov.on.ca
serge.boisvert@lautorite.qc.ca
 
Élaine Lanouette
Meg Tassie
Autorité des marchés financiers
British Columbia Securities Commission
514-395-0337 ext. 4321
604-899-6819
elaine.lanouette@lautorite.qc.ca
mtassie@bcsc.bc.ca
 
Shane Altbaum
Lawrence Truong
Alberta Securities Commission
Alberta Securities Commission
403-355-4475
403-297-2427
shane.altbaum@asc.ca
lawrence.truong@asc.ca

VIII. Local Matters

In Ontario, the Amendments to the Instrument and other required materials were delivered to the Minister of Finance on July 4, 2013. The Minister may approve or reject the Amendments or return them for further consideration. If the Minister approves the Amendments or does not take any further action by September 3, 2013, the Amendments will come into force on March 1, 2014.

In Québec, the Amendments will be delivered to the Minister of Finance for approval. The Amendments will come into force on the date of publication in the Gazette officielle du Québec or on any later date specified in the Amendments.

July 4, 2013

{1} A participant dealer is defined in section 1 of the Instrument as "a marketplace participant that is an investment dealer or in Québec, a foreign approved participant as defined in the Rules of the Montréal Exchange Inc. as amended from time to time".

{2} We note that marketplaces must revoke their rules or policies related to direct electronic access upon implementation of the Amendments.

{3} Subsection 4.2(1) of NI 23-103.

{4} Subsection 4.2(2) of NI 23-103.

{5} Subsection 4.2(2) of 23-103CP.

{6} Subsection 4.3(1) of NI 23-103.

{7} Subsection 4.3(2) of NI 23-103.

{8} Subsection 4.3(3) of NI 23-103.

{9} Section 4.4 of NI 23-103.

{10} Subsection 4.5(1) of NI 23-103.

{11} Subsection 4.5(2) of NI 23-103.

{12} Subsection 4.6(1) of NI 23-103.

{13} Section 9.1 of NI 23-103.

{14} Subsection 4.7(4) of NI 23-103.

{15} Subsection 4.7(1) of NI 23-103.

{16} We note that investment dealers are outside the definition of DEA.

 

ANNEX A

AMENDMENTS TO NATIONAL INSTRUMENT 23-103

ELECTRONIC TRADING

1. National Instrument 23-103 Electronic Trading is amended by this Instrument.

2. The title is amended by adding the following at the end of the title "AND DIRECT ELECTRONIC ACCESS TO MARKETPLACES".

3. Part 1 is amended by

(a) adding the following definitions in section 1:

"DEA client" means a client that is granted direct electronic access by a participant dealer;

"DEA client identifier" means a unique client identifier assigned to a DEA client;

"direct electronic access" means the access provided by a person or company to a client, other than a client that is registered as an investment dealer with a securities regulatory authority or, in Québec, is a foreign approved participant as defined in the Rules of the Montréal Exchange Inc., that permits the client to electronically transmit an order relating to a security to a marketplace, using the person or company's marketplace participant identifier,

(a) through the person or company's systems for automatic onward transmission to a marketplace; or

(b) directly to a marketplace without being electronically transmitted through the person or company's systems;

"marketplace participant identifier" means the unique identifier assigned to a marketplace participant to access a marketplace;

(b) replacing "NI 23-101" with "National Instrument 23-101 Trading Rules" in paragraph (c) of the definition of "marketplace and regulatory requirements"; and

(c) replacing the definition of "participant dealer" with the following:

"participant dealer" means

(a) a marketplace participant that is an investment dealer, or

(b) in Québec, a foreign approved participant as defined in the Rules of the Montréal Exchange Inc., as amended from time to time.

4. Paragraph 3(2)(a) is amended by replacing the comma with a semi-colon.

5. Subparagraph 3(3)(a)(i) is amended by replacing the final comma in the subparagraph with a semi-colon.

6. Subsection 4(b) is amended by adding "the" before "investment dealer" in the last instance that term is used in the subsection.

7. The following Part is added:

PART 2.1

REQUIREMENTS APPLICABLE TO PARTICIPANT DEALERS

PROVIDING DIRECT ELECTRONIC ACCESS

Application of this Part

4.1 This Part does not apply to a participant dealer if the participant dealer complies with similar requirements established by

(a) a regulation services provider;

(b) a recognized exchange that directly monitors the conduct of its members and enforces requirements set under subsection 7.1(1) of NI 23-101; or

(c) a recognized quotation and trade reporting system that directly monitors the conduct of its users and enforces requirements set under subsection 7.3(1) of NI 23-101.

Provision of Direct Electronic Access

4.2 (1) A person or company must not provide direct electronic access unless it is a participant dealer.

(2) A participant dealer must not provide direct electronic access to a client that is acting and registered as a dealer with a securities regulatory authority.

Standards for DEA Clients

4.3 (1) A participant dealer must not provide direct electronic access to a client unless the participant dealer

(a) has established, maintains and applies standards that are reasonably designed to manage, in accordance with prudent business practices, the participant dealer's risks associated with providing direct electronic access; and

(b) assesses and documents that the client meets the standards established by the participant dealer under paragraph (a).

(2) The standards established by the participant dealer under subsection (1) must include the following:

(a) a client must not have direct electronic access unless the client has sufficient resources to meet any financial obligations that may result from the use of direct electronic access by that client,

(b) a client must not have direct electronic access unless the client has reasonable arrangements in place to ensure that all individuals using direct electronic access on behalf of the client have reasonable knowledge of and proficiency in the use of the order entry system that facilitates the direct electronic access,

(c) a client must not have direct electronic access unless the client has reasonable knowledge of and the ability to comply with all applicable marketplace and regulatory requirements, and

(d) a client must not have direct electronic access unless the client has reasonable arrangements in place to monitor the entry of orders through direct electronic access.

(3) A participant dealer must assess, confirm and document, at least annually, that the DEA client continues to meet the standards established by the participant dealer, including for greater certainty, those set out in this section.

Written Agreement

4.4 A participant dealer must not provide direct electronic access to a client unless the client has entered into a written agreement with the participant dealer that provides that,

(a) in the client's capacity as a DEA client,

(i) the client's trading activity will comply with marketplace and regulatory requirements;

(ii) the client's trading activity will comply with the product limits and credit or other financial limits specified by the participant dealer;

(iii) the client will take all reasonable steps to prevent unauthorized access to the technology that facilitates direct electronic access and will not permit any person or company to use the direct electronic access provided by the participant dealer other than those named by the client under the provision of the agreement referred to in subparagraph (vii);

(iv) the client will fully cooperate with the participant dealer in connection with any investigation or proceeding by any marketplace or regulation services provider with respect to trading conducted pursuant to the direct electronic access provided, including, upon request by the participant dealer, providing the marketplace or regulation services provider with access to information that is necessary for the purposes of the investigation or proceeding;

(v) the client will immediately inform the participant dealer if the client fails or expects not to meet the standards set by the participant dealer;

(vi) when trading for the accounts of another person or company, under subsection 4.7(1), the client will ensure that the orders of the other person or company are transmitted through the systems of the client and will be subject to reasonable risk management and supervisory controls, policies and procedures established and maintained by the client;

(vii) the client will immediately provide to the participant dealer in writing,

(A) the names of all personnel acting on the client's behalf that the client has authorized to enter an order using direct electronic access; and

(B) details of any change to the information in clause (A),

(b) the participant dealer has the authority to, without prior notice

(i) reject any order;

(ii) vary or correct any order to comply with a marketplace or regulatory requirement;

(iii) cancel any order entered on a marketplace; and

(iv) discontinue accepting orders from the DEA client.

Training of DEA Clients

4.5 (1) A participant dealer must not allow a client to have, or continue to have, direct electronic access unless the participant dealer is satisfied that the client has reasonable knowledge of applicable marketplace and regulatory requirements and the standards established by the participant dealer under section 4.3.

(2) A participant dealer must ensure that a DEA client receives any relevant amendments to applicable marketplace and regulatory requirements or changes or updates to the standards established by the participant dealer under section 4.3.

DEA Client Identifier

4.6 (1) Upon providing direct electronic access to a DEA client, a participant dealer must ensure the client is assigned a DEA client identifier in the form and manner required by

(a) a regulation services provider;

(b) a recognized exchange that directly monitors the conduct of its members and enforces requirements set under subsection 7.1(1) of NI 23-101; or

(c) a recognized quotation and trade reporting system that directly monitors the conduct of its users and enforces requirements set under subsection 7.3(1) of NI 23-101.

(2) A participant dealer under subsection (1) must immediately provide the DEA client identifier to each marketplace to which the DEA client has direct electronic access through the participant dealer.

(3) A participant dealer under subsection (1) must immediately provide the DEA client's name and the client's associated DEA client identifier to

(a) all regulation services providers monitoring trading on a marketplace to which the DEA client has access through the participant dealer;

(b) any recognized exchange or recognized quotation and trade reporting system that directly monitors the conduct of its members or users and enforces requirements set under subsection 7.1(1) or 7.3(1) of NI 23-101 and to which the DEA client has access through the participant dealer; and

(c) any exchange or quotation and trade reporting system that is recognized for the purposes of this Instrument and that directly monitors the conduct of its members or users and enforces requirements set under subsection 7.1(1) or 7.3(1) of NI 23-101 and to which the DEA client has access through the participant dealer.

(4) A participant dealer must ensure that an order entered by a DEA client using direct electronic access provided by the participant dealer includes the appropriate DEA client identifier.

(5) If a client ceases to be a DEA client, the participant dealer must promptly inform

(a) all regulation services providers monitoring trading on a marketplace to which the DEA client had access through the participant dealer;

(b) any recognized exchange or recognized quotation and trade reporting system that directly monitors the conduct of its members or users and enforces requirements set under section 7.1(1) or 7.3(1) of NI 23-101 and to which the DEA client had access through the participant dealer; and

(c) any exchange or quotation and trade reporting system that is recognized for the purposes of this Instrument and that directly monitors the conduct of its members or users and enforces requirements set under subsection 7.1(1) or 7.3(1) of NI 23-101 and to which the DEA client had access through the participant dealer.

Trading by DEA Clients

4.7 (1) A participant dealer must not provide direct electronic access to a DEA client that is trading for the account of another person or company unless the DEA client is

(a) registered or exempted from registration as an adviser under securities legislation; or

(b) a person or company that

(i) carries on business in a foreign jurisdiction,

(ii) under the laws of the foreign jurisdiction, may trade for the account of another person or company using direct electronic access, and

(iii) is regulated in the foreign jurisdiction by a signatory to the International Organization of Securities Commissions' Multilateral Memorandum of Understanding.

(2) If a DEA client referred to in subsection (1) is using direct electronic access to trade for the account of another person or company, the DEA client must ensure that the orders of the other person or company are transmitted through the systems of the DEA client before being entered on a marketplace.

(3) A participant dealer must ensure that when a DEA client is trading for the account of another person or company using direct electronic access, the orders of the other person or company are subject to reasonable risk management and supervisory controls, policies and procedures established and maintained by the DEA client.

(4) A DEA client must not provide access to or pass on its direct electronic access to another person or company other than the personnel authorized under subparagraph 4.4(a)(vii).

8. Part 4 is amended by adding the following section:

Support Use of DEA Client Identifiers

9.1 A marketplace must not permit a marketplace participant to provide direct electronic access to a person or company unless the marketplace's systems support the use of DEA client identifiers.

9. This Instrument comes into force on March 1, 2014.

 

ANNEX B

- - - - - - - - - - - - - - - - - - - - - - - - -

This Annex, shows by way of blackline, the changes that have been made to National Instrument 23-103 Electronic Trading.

- - - - - - - - - - - - - - - - - - - - - - - - -

NATIONAL INSTRUMENT 23-103

ELECTRONIC TRADING AND DIRECT ELECTRONIC ACCESS TO MARKETPLACES

PART 1

DEFINITIONS AND INTERPRETATION

Definitions

1. In this Instrument,

"automated order system" means a system used to automatically generate or electronically transmit orders on a pre-determined basis;

"DEA client" means a client that is granted direct electronic access by a participant dealer;

"DEA client identifier" means a unique client identifier assigned to a DEA client;

"direct electronic access" means the access provided by a person or company to a client, other than a client that is registered as an investment dealer with a securities regulatory authority, or, in Québec, is a foreign approved participant as defined in the Rules of the Montréal Exchange Inc., that permits the client to electronically transmit an order relating to a security to a marketplace, using the person or company's marketplace participant identifier,

(a) through the person or company's systems for automatic onward transmission to a marketplace; or

(b) directly to a marketplace without being electronically transmitted through the person or company's systems;

"marketplace and regulatory requirements" means

(a) the rules, policies, requirements or other similar instruments set by a marketplace respecting the method of trading by marketplace participants, including those related to order entry, the use of automated order systems, order types and features and the execution of trades;

(b) the applicable requirements in securities legislation; and

(c) the applicable requirements set by a recognized exchange, a recognized quotation and trade reporting system or a regulation services provider under section 7.1, 7.3 or 8.2 of NINational Instrument 23-101 Trading Rules;

"marketplace participant identifier" means the unique identifier assigned to a marketplace participant to access a marketplace; and

"participant dealer" means

(a) "participant dealer" means a marketplace participant that is an investment dealer ., or

(b) in Québec, a foreign approved participant as defined in the Rules of the Montréal Exchange Inc., as amended from time to time.

Interpretation

2. A term that is defined or interpreted in National Instrument 21-101 Marketplace Operation, or National Instrument 31-103 Registration Requirements, Exemptions and Ongoing Registrant Obligations has, if used in this Instrument, the meaning ascribed to it in National Instrument 21-101 or National Instrument 31-103.

PART 2

REQUIREMENTS APPLICABLE TO MARKETPLACE PARTICIPANTS

Risk Management and Supervisory Controls, Policies and Procedures

3. (1) A marketplace participant must

(a) establish, maintain and ensure compliance with risk management and supervisory controls, policies and procedures that are reasonably designed to manage, in accordance with prudent business practices, the financial, regulatory and other risks associated with marketplace access or providing clients with access to a marketplace; and

(b) record the policies and procedures required under paragraph (a) and maintain a description of the marketplace participant's risk management and supervisory controls in written form.

(2) The risk management and supervisory controls, policies and procedures required under subsection (1) must be reasonably designed to ensure that all orders are monitored and for greater certainty, include

(a) automated pre-trade controls ,; and

(b) regular post-trade monitoring.

(3) The risk management and supervisory controls, policies and procedures required in subsection (1) must be reasonably designed to

(a) systematically limit the financial exposure of the marketplace participant, including, for greater certainty, preventing

(i) the entry of one or more orders that would result in exceeding pre-determined credit or capital thresholds for the marketplace participant and, if applicable, its client with marketplace access provided by the marketplace participant ,;

(ii) the entry of one or more orders that exceed pre-determined price or size parameters;

(b) ensure compliance with marketplace and regulatory requirements, including, for greater certainty,

(i) preventing the entry of orders that do not comply with marketplace and regulatory requirements that must be satisfied on a pre-order entry basis;

(ii) limiting the entry of orders to those securities that a marketplace participant or, if applicable, its client with marketplace access provided by the marketplace participant, is authorized to trade;

(iii) restricting access to trading on a marketplace to persons authorized by the marketplace participant; and

(iv) ensuring that the compliance staff of the marketplace participant receives immediate order and trade information, including, for greater certainty, execution reports, resulting from orders sent by the marketplace participant or, if applicable, its client with marketplace access provided by the marketplace participant;

(c) enable the marketplace participant to immediately stop or cancel one or more orders entered by the marketplace participant or, if applicable, its client with marketplace access provided by the marketplace participant;

(d) enable the marketplace participant to immediately suspend or terminate any access to a marketplace granted to a client with marketplace access provided by the marketplace participant; and

(e) ensure that the entry of orders does not interfere with fair and orderly markets.

(4) A third party that provides risk management and supervisory controls, policies or procedures to a marketplace participant must be independent from each client with marketplace access provided by the marketplace participant, except if the client is an affiliate of the marketplace participant.

(5) A marketplace participant must directly and exclusively set and adjust the risk management and supervisory controls, policies and procedures required under this section, including those provided by third parties.

(6) A marketplace participant must

(a) regularly assess and document the adequacy and effectiveness of its risk management and supervisory controls, policies and procedures; and

(b) document any deficiencies in the adequacy or effectiveness of a risk management or supervisory control, policy or procedure and promptly remedy the deficiency.

(7) If a marketplace participant uses the services of a third party to provide risk management or supervisory controls, policies and procedures, the marketplace participant must

(a) regularly assess and document the adequacy and effectiveness of the third party's relevant risk management and supervisory controls, policies and procedures; and

(b) document any deficiencies in the adequacy or effectiveness of a risk management or supervisory control, policy or procedure and ensure the deficiency is promptly remedied.

Authorization to Set or Adjust Risk Management and Supervisory Controls, Policies and Procedures

4. Despite subsection 3(5), a participant dealer may, on a reasonable basis, authorize an investment dealer to perform, on the participant dealer's behalf, the setting or adjusting of a specific risk management or supervisory control, policy or procedure required under subsection 3(1) if

(a) the participant dealer has a reasonable basis for determining that the investment dealer, based on the investment dealer's relationship with the ultimate client, has better access to information relating to the ultimate client than the participant dealer such that the investment dealer can more effectively set or adjust the control, policy or procedure;

(b) a description of the specific risk management or supervisory control, policy or procedure and the conditions under which the investment dealer is authorized to set or adjust the specific risk management or supervisory control, policy or procedure are set out in a written agreement between the participant dealer and the investment dealer;

(c) before authorizing the investment dealer to set or adjust a specific risk management or supervisory control, policy or procedure, the participant dealer assesses and documents the adequacy and effectiveness of the investment dealer's setting or adjusting of the risk management or supervisory control, policy or procedure;

(d) the participant dealer

(i) regularly assesses the adequacy and effectiveness of the setting or adjusting of the risk management or supervisory control, policy or procedure by the investment dealer, and

(ii) documents any deficiencies in the adequacy or effectiveness of the setting or adjusting of the risk management or supervisory control, policy or procedure and ensures that the deficiencies are promptly remedied, and

(e) the participant dealer provides the investment dealer with the immediate order and trade information of the ultimate client that the participant dealer receives under subparagraph 3(3)(b)(iv).

PART 2.1

REQUIREMENTS APPLICABLE TO PARTICIPANT DEALERS

PROVIDING DIRECT ELECTRONIC ACCESS

Application of this Part

4.1 This Part does not apply to a participant dealer if the participant dealer complies with similar requirements established by

(a) a regulation services provider;

(b) a recognized exchange that directly monitors the conduct of its members and enforces requirements set under subsection 7.1(1) of NI 23-101; or

(c) a recognized quotation and trade reporting system that directly monitors the conduct of its users and enforces requirements set under subsection 7.3(1) of NI 23-101.

Provision of Direct Electronic Access

4.2 (1) A person or company must not provide direct electronic access unless it is a participant dealer.

(2) A participant dealer must not provide direct electronic access to a client that is acting and registered as a dealer with a securities regulatory authority.

Standards for DEA Clients

4.3 (1) A participant dealer must not provide direct electronic access to a client unless the participant dealer

(a) has established, maintains and applies standards that are reasonably designed to manage, in accordance with prudent business practices, the participant dealer's risks associated with providing direct electronic access; and

(b) assesses and documents that the client meets the standards established by the participant dealer under paragraph (a).

(2) The standards established by the participant dealer under subsection (1) must include the following:

(a) a client must not have direct electronic access unless the client has sufficient resources to meet any financial obligations that may result from the use of direct electronic access by that client,

(b) a client must not have direct electronic access unless the client has reasonable arrangements in place to ensure that all individuals using direct electronic access on behalf of the client have reasonable knowledge of and proficiency in the use of the order entry system that facilitates the direct electronic access,

(c) a client must not have direct electronic access unless the client has reasonable knowledge of and the ability to comply with all applicable marketplace and regulatory requirements, and

(d) a client must not have direct electronic access unless the client has reasonable arrangements in place to monitor the entry of orders through direct electronic access.

(3) A participant dealer must assess, confirm and document, at least annually, that the DEA client continues to meet the standards established by the participant dealer, including for greater certainty, those set out in this section.

Written Agreement

4.4 A participant dealer must not provide direct electronic access to a client unless the client has entered into a written agreement with the participant dealer that provides that,

(a) in the client's capacity as a DEA client,

(i) the client's trading activity will comply with marketplace and regulatory requirements;

(ii) the client's trading activity will comply with the product limits and credit or other financial limits specified by the participant dealer;

(iii) the client will take all reasonable steps to prevent unauthorized access to the technology that facilitates direct electronic access and will not permit any person or company to use the direct electronic access provided by the participant dealer other than those named by the client under the provision of the agreement referred to in subparagraph (vii);

(iv) the client will fully cooperate with the participant dealer in connection with any investigation or proceeding by any marketplace or regulation services provider with respect to trading conducted pursuant to the direct electronic access provided, including, upon request by the participant dealer, providing the marketplace or regulation services provider with access to information that is necessary for the purposes of the investigation or proceeding;

(v) the client will immediately inform the participant dealer if the client fails or expects not to meet the standards set by the participant dealer;

(vi) when trading for the accounts of another person or company, under subsection 4.7(1), the client will ensure that the orders of the other person or company are transmitted through the systems of the client and will be subject to reasonable risk management and supervisory controls, policies and procedures established and maintained by the client;

(vii) the client will immediately provide to the participant dealer in writing,

(A) the names of all personnel acting on the client's behalf that the client has authorized to enter an order using direct electronic access; and

(B) details of any change to the information in clause (A),

(b) the participant dealer has the authority to, without prior notice

(i) reject any order;

(ii) vary or correct any order to comply with a marketplace or regulatory requirement;

(iii) cancel any order entered on a marketplace; and

(iv) discontinue accepting orders from the DEA client.

Training of DEA Clients

4.5 (1) A participant dealer must not allow a client to have, or continue to have, direct electronic access unless the participant dealer is satisfied that the client has reasonable knowledge of applicable marketplace and regulatory requirements and the standards established by the participant dealer under section 4.3.

(2) A participant dealer must ensure that a DEA client receives any relevant amendments to applicable marketplace and regulatory requirements or changes or updates to the standards established by the participant dealer under section 4.3.

DEA Client Identifier

4.6 (1) Upon providing direct electronic access to a DEA client, a participant dealer must ensure the client is assigned a DEA client identifier in the form and manner required by

(a) a regulation services provider;

(b) a recognized exchange that directly monitors the conduct of its members and enforces requirements set under subsection 7.1(1) of NI 23-101; or

(c) a recognized quotation and trade reporting system that directly monitors the conduct of its users and enforces requirements set under subsection 7.3(1) of NI 23-101.

(2) A participant dealer under subsection (1) must immediately provide the DEA client identifier to each marketplace to which the DEA client has direct electronic access through the participant dealer.

(3) A participant dealer under subsection (1) must immediately provide the DEA client's name and the client's associated DEA client identifier to

(a) all regulation services providers monitoring trading on a marketplace to which the DEA client has access through the participant dealer;

(b) any recognized exchange or recognized quotation and trade reporting system that directly monitors the conduct of its members or users and enforces requirements set under subsection 7.1(1) or 7.3(1) of NI 23-101 and to which the DEA client has access through the participant dealer; and

(c) any exchange or quotation and trade reporting system that is recognized for the purposes of this Instrument and that directly monitors the conduct of its members or users and enforces requirements set under subsection 7.1(1) or 7.3(1) of NI 23-101 and to which the DEA client has access through the participant dealer.

(4) A participant dealer must ensure that an order entered by a DEA client using direct electronic access provided by the participant dealer includes the appropriate DEA client identifier.

(5) If a client ceases to be a DEA client, the participant dealer must promptly inform

(a) all regulation services providers monitoring trading on a marketplace to which the DEA client had access through the participant dealer;

(b) any recognized exchange or recognized quotation and trade reporting system that directly monitors the conduct of its members or users and enforces requirements set under section 7.1(1) or 7.3(1) of NI 23-101 and to which the DEA client had access through the participant dealer; and

(c) any exchange or quotation and trade reporting system that is recognized for the purposes of this Instrument and that directly monitors the conduct of its members or users and enforces requirements set under subsection 7.1(1) or 7.3(1) of NI 23-101 and to which the DEA client had access through the participant dealer.

Trading by DEA Clients

4.7 (1) A participant dealer must not provide direct electronic access to a DEA client that is trading for the account of another person or company unless the DEA client is

(a) registered or exempted from registration as an adviser under securities legislation; or

(b) a person or company that

(i) carries on business in a foreign jurisdiction,

(ii) under the laws of the foreign jurisdiction, may trade for the account of another person or company using direct electronic access, and

(iii) is regulated in the foreign jurisdiction by a signatory to the International Organization of Securities Commissions' Multilateral Memorandum of Understanding.

(2) If a DEA client referred to in subsection (1) is using direct electronic access to trade for the account of another person or company, the DEA client must ensure that the orders of the other person or company are transmitted through the systems of the DEA client before being entered on a marketplace.

(3) A participant dealer must ensure that when a DEA client is trading for the account of another person or company using direct electronic access, the orders of the other person or company are subject to reasonable risk management and supervisory controls, policies and procedures established and maintained by the DEA client.

(4) A DEA client must not provide access to or pass on its direct electronic access to another person or company other than the personnel authorized under subparagraph 4.4(a)(vii).

PART 3

REQUIREMENTS APPLICABLE TO USE OF AUTOMATED ORDER SYSTEMS

Use of Automated Order Systems

5. (1) A marketplace participant must take all reasonable steps to ensure that its use of an automated order system or the use of an automated order system by any client, does not interfere with fair and orderly markets.

(2) A client of a marketplace participant must take all reasonable steps to ensure that its use of an automated order system does not interfere with fair and orderly markets.

(3) For the purpose of the risk management and supervisory controls, policies and procedures required under subsection 3(1), a marketplace participant must

(a) have a level of knowledge and understanding of any automated order system used by the marketplace participant or any client that is sufficient to allow the marketplace participant to identify and manage the risks associated with the use of the automated order system,

(b) ensure that every automated order system used by the marketplace participant or any client is tested in accordance with prudent business practices initially before use and at least annually thereafter, and

(c) have controls in place to immediately

(i) disable an automated order system used by the marketplace participant, and

(ii) prevent orders generated by an automated order system used by the marketplace participant or any client from reaching a marketplace.

PART 4

REQUIREMENTS APPLICABLE TO MARKETPLACES

Availability of Order and Trade Information

6. (1) A marketplace must provide a marketplace participant with access to its order and trade information, including execution reports, on an immediate basis to enable the marketplace participant to effectively implement the risk management and supervisory controls, policies and procedures required under section 3.

(2) A marketplace must provide a marketplace participant access to its order and trade information referenced in subsection (1) on reasonable terms.

Marketplace Controls Relating to Electronic Trading

7. (1) A marketplace must not provide access to a marketplace participant unless it has the ability and authority to terminate all or a portion of the access provided to the marketplace participant.

(2) A marketplace must

(a) regularly assess and document whether the marketplace requires any risk management and supervisory controls, policies and procedures relating to electronic trading, in addition to those controls that a marketplace participant is required to have under subsection 3(1), and ensure that such controls, policies and procedures are implemented in a timely manner;

(b) regularly assess and document the adequacy and effectiveness of any risk management and supervisory controls, policies and procedures implemented under paragraph (a); and

(c) document and promptly remedy any deficiencies in the adequacy or effectiveness of the controls, policies and procedures implemented under paragraph (a).

Marketplace Thresholds

8. (1) A marketplace must not permit the execution of orders for exchange-traded securities to exceed the price and volume thresholds set by

(a) its regulation services provider;

(b) the marketplace, if it is a recognized exchange that directly monitors the conduct of its members and enforces requirements set under subsection 7.1(1) of NI 23-101; or

(c) the marketplace, if it is a recognized quotation and trade reporting system that directly monitors the conduct of its users and enforces the requirements set under subsection 7.3(1) of NI 23-101.

(2) A recognized exchange, recognized quotation and trade reporting system or regulation services provider setting a price threshold for an exchange-traded security under subsection (1) must coordinate its price threshold with all other exchanges, quotation and trade reporting systems and regulation services providers setting a price threshold under subsection (1) for the exchange-traded security or a security underlying the exchange-traded security.

Clearly Erroneous Trades

9. (1) A marketplace must not provide access to a marketplace participant unless it has the ability to cancel, vary or correct a trade executed by the marketplace participant.

(2) If a marketplace has retained a regulation services provider, the marketplace must not cancel, vary or correct a trade executed on the marketplace unless

(a) instructed to do so by its regulation services provider;

(b) the cancellation, variation or correction is requested by a party to the trade, consent is provided by both parties to the trade and notification is provided to the marketplace's regulation services provider; or

(c) the cancellation, variation or correction is necessary to correct an error caused by a system or technological malfunction of the marketplace systems or equipment, or caused by an individual acting on behalf of the marketplace, and the consent to cancel, vary or correct has been obtained from the marketplace's regulation services provider.

(3) A marketplace must establish, maintain and ensure compliance with reasonable policies and procedures that clearly outline the processes and parameters associated with a cancellation, variation or correction and must make such policies and procedures publicly available.

Support Use of DEA Client Identifiers

9.1 A marketplace must not permit a marketplace participant to provide direct electronic access to a person or company unless the marketplace's systems support the use of DEA client identifiers.

PART 5

EXEMPTION AND EFFECTIVE DATE

Exemption

10. (1) The regulator or the securities regulatory authority may grant an exemption from this Instrument, in whole or in part, subject to such conditions or restrictions as may be imposed in the exemption.

(2) Despite subsection (1), in Ontario, only the regulator may grant such an exemption.

(3) Except in Ontario, an exemption referred to in subsection (1) is granted under the statute referred to in Appendix B of National Instrument 14-101 Definitions opposite the name of the local jurisdiction.

Effective Date

11. This Instrument comes into force on March 1, 2013.

 

ANNEX C

- - - - - - - - - - - - - - - - - - - - - - - - -

This Annex, shows by way of blackline, the changes made to Companion Policy 23-103CP Electronic Trading.

- - - - - - - - - - - - - - - - - - - - - - - - -

COMPANION POLICY 23-103CP

ELECTRONIC TRADING AND DIRECT ELECTRONIC ACCESS TO MARKETPLACES

PART 1 GENERAL COMMENTS

1.1 Introduction

(1) Purpose of National Instrument 23-103

The purpose of National Instrument 23-103 Electronic Trading and Direct Electronic Access to Marketplaces (NI 23-103 or the Instrument) is to address areas of concern and risks brought about by electronic trading and direct electronic access (DEA). The increased speed and automation of trading on marketplaces give rise to various risks, including credit risk and market integrity risk. To protect marketplace participants from harm and to ensure continuing market integrity, these risks need to be reasonably and effectively controlled and monitored.

In the view of the Canadian Securities Administrators (CSA or we), marketplace participants should bear primary responsibility for ensuring that these risks are reasonably and effectively controlled and monitored. This responsibility applies to orders that are entered electronically by the marketplace participant itself, as well as orders from clients using the participant dealer's marketplace participant identifier.

This responsibility includes both financial and regulatory obligations. This view is premised on the fact that it is the marketplace participant that makes the decision to engage in trading or provide marketplace access to a client. However, the marketplaces also have some responsibilities to manage risks to the market.

NI 23-103 is meant to address risks associated with electronic trading on a marketplace with a key focus on the gatekeeping function of the executing broker. However, a clearing broker also bears financial and regulatory risks associated with providing clearing services. Under National Instrument 31-103 Registration Requirements, Exemptions and Ongoing Registrant Obligations (NI 31-103) a dealer must manage the risks associated with its business in accordance with prudent business practices. As part of that obligation, we expect a clearing dealer to have in place effective systems and controls to properly manage its risks.

NI 23-103 also provides a minimum framework for the provision of DEA; however we note that each marketplace has the discretion to determine whether to allow DEA and to impose stricter standards regarding the provision of DEA.

(2) Scope of NI 23-103

NI 23-103 applies to the electronic trading of securities on marketplaces. In Alberta and British Columbia, the term "security" when used in NI 23-103 includes an option that is an exchange contract but does not include a futures contract. In Ontario, the term "security" when used in NI 23-103, does not include a commodity futures contract or a commodity futures option that is not traded on a commodity futures exchange registered with or recognized by the Commission under the Commodity Futures Act or the form of which is not accepted by the Director under the Commodity Futures Act. In Québec, the term "security" when used in NI 23-103, includes a standardized derivative as this notion is defined in the Derivatives Act.

(3) Purpose of Companion Policy

This Companion Policy sets out how the CSA interpret or apply the provisions of NI 23-103 and related securities legislation.

Except for Part 1, the numbering of Parts and sections in this Companion Policy correspond to the numbering in NI 23-103. Any general guidance for a Part appears immediately after the Part name. Any specific guidance on sections in NI 23-103 follows any general guidance. If there is no guidance for a Part or section, the numbering in this Companion Policy will skip to the next provision that does have guidance.

All references in this Companion Policy to Parts and sections are to NI 23-103, unless otherwise noted.

1.2 Definitions

Unless defined in NI 23-103, terms used in NI 23-103 and in this Companion Policy have the meaning given to them in the securities legislation of each jurisdiction, in National Instrument 14-101 Definitions, National Instrument 21-101 Marketplace Operation (NI 21-101), or NI 31-103.

(1) Automated order systems

Automated order systems encompass both hardware and software used to generate or electronically transmit orders on a pre-determined basis and would include smart order routers and trading algorithms that are used by marketplace participants, offered by marketplace participants to clients or developed or used by clients.

(2) Direct electronic access

Section 1 defines "direct electronic access" as the access provided by a person or company to a client, other than a client that is registered as an investment dealer with a securities regulatory authority, or in Québec, is a foreign approved participant as defined in the Rules of the Montréal Exchange Inc. (Montréal Exchange), that permits the client to electronically transmit an order relating to a security to a marketplace, using the person or company's marketplace participant identifier either through the person or company's systems for automatic onward transmission to a marketplace or directly to the marketplace without being electronically transmitted through the person or company's systems.

While the term "person or company" is used in the definition of DEA, under subsection 4.2(1), only a participant dealer may provide DEA.

The Instrument outlines a DEA framework for clients of a participant dealer. Investment dealers and, in Québec, foreign approved participants, are outside the definition of "DEA". The granting of access to marketplaces by participant dealers to investment dealers or foreign approved participants of the Montréal Exchange is governed by the rules of either a regulation services provider or an exchange doing its own regulation. Those regimes are expected to be substantially similar to the framework NI 23-103 imposes upon DEA clients that are not investment dealers or foreign approved participants by requiring minimum client standards, written agreements and training. Furthermore, a derivatives dealer in Québec, which is an approved participant of the Montréal Exchange, must be registered as an investment dealer.

The CSA view a DEA order as including an order that is generated by an automated order system used by a DEA client if the DEA client determines the specified marketplace to which the order is to be sent and if the order is transmitted using the participant dealer's marketplace participant identifier. We hold this view regardless of whether or not the DEA client is using an automated order system that is offered by the participant dealer. We note that a DEA client's routing decisions may be varied for regulatory purposes by a participant dealer when an order passes through the participant dealer's system, for example to comply with the order protection rule or with the risk management requirements of NI 23-103, but we still consider the order to be a DEA order.

This definition does not capture orders entered using an order execution service or other electronic access arrangements in which a client uses the website of a dealer to enter orders since these services and arrangements do not permit the client to enter orders using a participant dealer's marketplace participant identifier.

(3) DEA client identifier

NI 23-103 requires each DEA client to have a unique identifier in order to track orders originating from that DEA client. A participant dealer is responsible for ensuring that each DEA client is assigned a DEA client identifier under subsection 4.6(1) and for ensuring that every order entered by a DEA client using DEA includes the appropriate DEA client identifier under subsection 4.6(4). Following current industry practice, we expect the participant dealer will collaborate with the marketplace with respect to the assignment of the necessary identifiers.

(4) Marketplace participant identifier

A marketplace participant identifier is the unique identifier assigned to the marketplace participant for trading purposes. The assignment of this identifier is co-ordinated with a regulation services provider of the marketplace, where applicable. We expect a marketplace participant to use its marketplace participant identifier across all marketplaces of which it is a member, user or subscriber.

PART 2 REQUIREMENTS APPLICABLE TO MARKETPLACE PARTICIPANTS

3. Risk management and supervisory controls, policies and procedures

(1) National Instrument 31-103 requirements

For marketplace participants that are registered firms, section 11.1 of NI 31-103 requires the registered firm to establish, maintain and apply policies and procedures that establish a system of controls and supervision sufficient to: (a) provide reasonable assurance that the registered firm and each individual acting on its behalf complies with securities legislation; and (b) manage the risks associated with its business in accordance with prudent business practices. Section 3 of NI 23-103 builds on the obligations outlined in section 11.1 of NI 31-103. The CSA have included requirements in NI 23-103 for all marketplace participants that conduct trading on a marketplace to have risk management and supervisory controls, policies and procedures that are reasonably designed to manage their risks in accordance with prudent business practices. A marketplace participant must apply its risk management and supervisory controls, policies and procedures to all trading conducted under its marketplace participant identifier including trading conducted by a DEA client.

What would be considered to be "reasonably designed" in this context is tied to the risks associated with electronic trading that the marketplace participant is willing to bear and what is necessary to manage that risk in accordance with prudent business practices.

These requirements provide greater specificity with respect to the expectations surrounding controls, policies and procedures relating to electronic trading. The requirements apply to all marketplace participants, not just those that are registered firms.

(2) Documentation of risk management and supervisory controls, policies and procedures

Paragraph 3(1)(b) requires a marketplace participant to record its policies and procedures and maintain a copy of its risk management and supervisory controls in written form. This includes a narrative description of any electronic controls implemented by the marketplace participant as well as their functions.

We note that the risk management and supervisory controls, policies and procedures related to the trading of unlisted, government and corporate debt may not be the same as those related to the trading of equity securities due to the differences in the nature of trading of these types of securities. Different marketplace models such as a request for quote, negotiation system, or continuous auction market may require different risk management and supervisory controls, policies and procedures in order to appropriately address the varying levels of diverse risks these different marketplace models can pose to our markets.

A registered firm's obligation to maintain its risk management and supervisory controls in written form under paragraph 3(1)(b) includes retaining these documents and builds on a registered firm's obligation in NI 31-103 to retain its books and records. We expect a non-registered marketplace participant to retain these documents as part of its obligation under paragraph 3(1)(b) to maintain a description of its risk management and supervisory controls in written form.

(3) Clients that also maintain risk management controls

We are aware that a client that is not a registered dealer may maintain its own risk management controls. However, part of the intent of NI 23-103's risk management and supervisory controls, policies and procedures is to require a participant dealer to manage its risks associated with electronic trading and to protect the participant dealer under whose marketplace participant identifier an order is being entered. Consequently, a participant dealer must maintain reasonably designed risk management and supervisory controls, policies and procedures regardless of whether its clients maintain their own controls. It is not appropriate for a participant dealer to rely on a client's risk management controls, as the participant dealer would not be able to ensure the sufficiency of the client's controls, nor would the controls be tailored to the particular needs of the participant dealer.

(4) Minimum risk management and supervisory controls, policies and procedures

Subsection 3(2) sets out the minimum elements of the risk management and supervisory controls, policies and procedures that must be addressed and documented by each marketplace participant. Automated pre-trade controls include an examination of the order before it is entered on a marketplace and the monitoring of entered orders whether executed or not. The marketplace participant should assess, document and implement any additional risk management and supervisory controls, policies and procedures that it determines are necessary to manage the marketplace participant's financial exposure and to ensure compliance with applicable marketplace and regulatory requirements.

With respect to regular post-trade monitoring, it is expected that the regularity of this monitoring will be conducted commensurate with the marketplace participant's determination of the order flow it is handling. At a minimum, an end of day check is expected.

(5) Pre-determined credit or capital thresholds

A marketplace participant can establish pre-determined credit thresholds by setting lending limits for a client and establish pre-determined capital thresholds by setting limits on the financial exposure that can be created by orders entered or executed on a marketplace under its marketplace participant identifier. The pre-determined credit or capital thresholds referenced in paragraph 3(3)(a) may be set based on different criteria, such as per order, trade account or other criteria, including overall trading strategy, or using a combination of these factors as required in the circumstances.

For example, a participant dealer that sets a credit limit for a client with marketplace access provided by the participant dealer could impose that credit limit by setting sub-limits applied at each marketplace to which the participant dealer provides access that together equal the total credit limit. A participant dealer may also consider whether to establish credit or capital thresholds based on sector, security or other relevant factors. In order to address the financial exposure that might result from rapid order entry, a participant dealer may also consider measuring compliance with set credit or capital thresholds on the basis of orders entered rather than executions obtained.

We note that different thresholds may be set for the marketplace participant's own order flow (including both proprietary and client order flow) and that of a client with marketplace access provided by the marketplace participant, if appropriate.

(6) Compliance with applicable marketplace and regulatory requirements

The CSA expect marketplace participants to prevent the entry of orders that do not comply with all applicable marketplace and regulatory requirements that must be satisfied on a pre-trade basis where possible. Specifically, marketplace and regulatory requirements that must be satisfied on a pre-order entry basis are those requirements that can effectively be complied with only before an order is entered on a marketplace, including: (i) conditions that must be satisfied under National Instrument 23-101 Trading Rules (NI 23-101) before an order can be marked a "directed-action order", (ii) marketplace requirements applicable to particular order types and (iii) compliance with trading halts. This requirement does not impose new substantive regulatory requirements on the marketplace participant. Rather it establishes that marketplace participants must have appropriate mechanisms in place that are reasonably designed to effectively comply with their existing regulatory obligations on a pre-trade basis in an automated, high-speed trading environment.

(7) Order and trade information

Subparagraph 3(3)(b)(iv) requires the risk management and supervisory controls, policies and procedures to be reasonably designed to ensure that the compliance staff of the marketplace participant receives immediate order and trade information. This will require the marketplace participant to ensure that it has the capability to view trading information in real-time or to receive immediate order and trade information from the marketplace, such as through a drop copy.

This requirement will help the marketplace participant fulfill its obligations under subsection 3(1) with respect to establishing and implementing reasonably designed risk management and supervisory controls, policies and procedures that manage its risks associated with access to marketplaces.

This provision does not prescribe that a marketplace participant carry out compliance monitoring in real-time. There are instances however, when automated, real-time monitoring should be considered, such as when an automated order system is used to generate orders. It is up to the marketplace participant to determine, based on the risk that the order flow poses to the marketplace participant, the appropriate timing for compliance monitoring. However, our view is that it is important that a marketplace participant have the necessary tools in place to facilitate order and trade monitoring as part of the marketplace participant's risk management and supervisory controls, policies and procedures.

(8) Direct and exclusive control over setting and adjusting of risk management and supervisory controls, policies and procedures

Subsection 3(5) specifies that a marketplace participant must directly and exclusively set and adjust its risk management and supervisory controls, policies and procedures. With respect to exclusive control, we expect that no person or company, other than the marketplace participant, will be able to set and adjust the controls, policies and procedures. With respect to direct control, a marketplace participant must not rely on a third party in order to perform the actual setting and adjusting of its controls, policies and procedures.

A marketplace participant can use technology of third parties, including that of marketplaces, as long as the marketplace participant, whether a registered dealer or institutional investor, is able to directly and exclusively set and adjust its supervisory and risk management controls, policies and procedures.

Section 4 provides a limited exception to the requirement in subsection 3(5) in that a participant dealer may , on a reasonable basis, and subject to other requirements, authorize an investment dealer to set or adjust a specific risk management or supervisory control, policy or procedure on behalf of the participant dealer.

(9) Risk management and supervisory controls, policies and procedures provided by an independent third party

Under subsection 3(4), a third party providing risk management and supervisory controls, policies or procedures to a marketplace participant must be independent of any client of the marketplace participant. However, an entity affiliated with a participant dealer that is also a client of the participant dealer may provide supervisory and risk management controls to the participant dealer. In all instances, the participant dealer must directly and exclusively set and adjust its supervisory and risk management controls.

Paragraph 3(7)(a) requires that a marketplace participant must regularly assess and document whether the risk management and supervisory controls, policies and procedures of the third party are effective and otherwise consistent with the provisions of NI 23-103 before engaging such services. Reliance on representations of a third party provider is insufficient to meet this assessment requirement. The CSA expect registered firms to be responsible and accountable for all functions that they outsource to a service provider as set out in Part 11 of Companion Policy 31-103CP Registration Requirements, Exemptions and Ongoing Registrant Obligations.

(10) Regular assessment of risk management controls and supervisory policies and procedures

Subsection 3(6) requires a marketplace participant to regularly assess and document the adequacy and effectiveness of the controls, policies and procedures it is required to establish under subsection 3(1). Under subsection 3(7), the same assessment requirement also applies if a marketplace participant uses the services of a third party to provide risk management or supervisory controls, policies and procedures. A "regular" assessment would constitute, at a minimum, an assessment conducted annually of the controls, policies and procedures and whenever a substantive change is made to the controls, policies and procedures. A marketplace participant should determine whether more frequent assessments are required, depending on the particular circumstances.

A marketplace participant that is a registered firm is expected to retain the documentation of each such assessment as part of its obligation to maintain books and records in NI 31-103.

4. Authorization to set or adjust risk management and supervisory controls, policies and procedures

Section 4 is intended to address introducing (originating) and carrying (executing) arrangements or jitney arrangements that involve multiple dealers. In such arrangements, there may be certain controls that are better directed by the originating dealer, since it is the originating dealer that has knowledge of its client and is responsible for suitability and other "know your client" obligations. However, the executingWe expect the "ultimate client" to be a third party to the originating investment dealer must also have reasonable controls in all instances.

The executing dealer must also have reasonable controls in place to manage the risks it incurs by executing orders for other dealers.

Therefore, section 4 provides that a participant dealer may, on a reasonable basis, authorize an investment dealer to set or adjust a specific risk management or supervisory control, policy or procedure on the participant dealer's behalf by written contract and after a thorough assessment. Our view is that where the originating investment dealer with the direct relationship with the ultimate client has better access than the participant dealer to information relating to the ultimate client, the originating investment dealer may more effectively assess the ultimate client's financial resources and investment objectives.

We also expect that the participant dealer will maintain a written contract with the investment dealer that sets out a description of the specific risk management or supervisory control, policy or procedure and the conditions under which the investment dealer is authorized to set or adjust the control, policy or procedure as part of its books and records obligations set out in NI 31-103.

Paragraph 4(d) requires a participant dealer to regularly assess the adequacy and effectiveness of the investment dealer's setting or adjusting of the risk management and supervisory controls, policies and procedures that it performs on the participant dealer's behalf. We expect that this will include an assessment of the performance of the investment dealer under the written agreement prescribed in paragraph 4(b). A "regular" assessment would constitute, at a minimum, an assessment conducted annually of the controls, policies and procedures and whenever a substantive change is made to the controls, policies or procedures. A marketplace participant should determine whether more frequent assessments are required, depending on the particular circumstances.

Under paragraph 4(e), the participant dealer must provide the compliance staff of the originating investment dealer with immediate order and trade information of the ultimate client. This is to allow the originating investment dealer to monitor trading more effectively and efficiently.

Authorizing an investment dealer to set or adjust a risk management or supervisory control, policy or procedure does not relieve the participant dealer of its obligations under section 3, including the overall responsibility to establish, document, maintain and ensure compliance with risk management and supervisory controls, policies and procedures reasonably designed to manage, in accordance with prudent business practices, the financial, regulatory and other risks associated with marketplace access.

PART 2.1 REQUIREMENTS APPLICABLE TO PARTICIPANT DEALERS PROVIDING DIRECT ELECTRONIC ACCESS

4.2 Provision of DEA

(1) Registration requirement

Only marketplace participants that meet the definition of "participant dealer" are permitted to provide DEA to clients. NI 23-103 defines a participant dealer as a marketplace participant that is an investment dealer or, in Québec, a foreign approved participant as defined in the Rules of the Montréal Exchange as amended from time to time.

(2) Persons or companies not eligible for DEA

Subsection 4.2(2) specifically prohibits a participant dealer from providing DEA to clients that are acting and registered as dealers. We think that dealers that are acting as and registered in dealer categories other than "investment dealer" should not have this type of electronic access to marketplaces through a participant dealer unless they themselves are investment dealers and subject to Investment Industry Regulatory Organization of Canada (IIROC) rules. We note that investment dealers and foreign approved participants are not included under this subsection because they are outside the definition of DEA, which is a form of marketplace access given to clients other than an investment dealer or a foreign approved participant.

Investment dealers that are members of IIROC may trade electronically using routing arrangements as regulated under its Universal Market Integrity Rules.

A client is ineligible for DEA if it is both registered as a dealer with a securities regulatory authority and is acting in its capacity as a registered dealer. For example, a person or company that is registered as an adviser, such as a portfolio manager or restricted portfolio manager, and that is also registered as a dealer is eligible for DEA if it only uses DEA when acting in its capacity as an adviser and not in its capacity as a dealer. If a dually registered firm uses DEA to place trades through a participant dealer for its managed account clients, then it is using DEA in its capacity as an adviser. NI 31-103 defines a managed account to mean an account of a client for which a person or company makes the investment decisions if that person or company has discretion to trade in securities for the account without requiring the client's express consent to a transaction. As a further example, if a firm uses DEA to place trades through a participant dealer for accounts of clients that are accredited investors (as defined in National Instrument 45-106 Prospectus and Registration Exemptions) but are not managed accounts, then it is using DEA in its capacity as a dealer, and therefore must not be using DEA for this trading activity.

Similarly, a foreign dealer that is also registered as a dealer with a securities regulatory authority is eligible for DEA if it only uses DEA when acting in its capacity as a foreign dealer and not in its capacity as a dealer registered with a securities regulatory authority.

(3) Order execution services

The definition of DEA does not include order execution services as they are governed by IIROC rules.

It is our view that, in general, retail investors should not be using DEA and should be sending orders using order execution services. However, there are some circumstances in which individuals are sophisticated and have access to the necessary technology to use DEA (for example, former registered traders or floor brokers). In these circumstances, we expect that if a participant dealer chooses to offer DEA to an individual, the participant dealer will set standards high enough to ensure that the participant dealer is not exposed to undue risk. It may be appropriate for these standards to be higher than those set for institutional investors. All requirements relating to risk management and supervisory controls, policies and procedures would apply when providing DEA to an individual.

4.3 Standards for DEA clients

(1) Minimum standards

A participant dealer's due diligence with respect to its clients is a key method of managing risks associated with providing DEA and necessitates a thorough vetting of potential DEA clients. As a result, section 4.3 requires the participant dealer to establish, maintain and apply standards that are reasonably designed to manage, in accordance with prudent business practices, the participant dealer's risks associated with providing DEA and to assess and document that the prospective DEA client meets these standards before providing DEA. A participant dealer's establishment, maintenance and application of standards that are reasonably designed to manage the participant dealer's risks associated with providing DEA would include evaluating its risks in providing DEA to a specific client. The participant dealer must establish, maintain and apply these standards with respect to all DEA clients. Subsection 4.3(2) requires a participant dealer's standards to include that a DEA client has sufficient resources to meet any financial obligation that may result from its use of direct electronic access and has reasonable knowledge of both the use of the order entry system and all applicable marketplace and regulatory requirements.

Each participant dealer has a different risk profile and as a result, we have provided flexibility to participant dealers in determining the specific levels of the minimum standards. We view these standards to be the minimum required for the participant dealer to properly manage its risks. The participant dealer should assess and determine what additional standards are reasonable given the particular circumstances of the participant dealer and each prospective DEA client. For example, a participant dealer might need to modify certain standards that it applies to an institutional client when determining whether an individual is suitable for receiving DEA.

Some additional factors a participant dealer could consider when setting such standards for prospective DEA clients include prior sanctions for improper trading activity, evidence of a proven track record of responsible trading, supervisory oversight, and the proposed trading strategy and associated volumes of trading.

(2) Monitoring the entry of orders

The requirement in paragraph 4.3(2)(d) for the DEA client to monitor the entry of orders though DEA is expected to help ensure that orders comply with marketplace and regulatory requirements, meet minimum standards set for managing risk and do not interfere with fair and orderly markets.

(3) Annual confirmation

Subsection 4.3(3) requires a participant dealer to assess, confirm and document, at least annually, that each DEA client continues to meet the minimum standards established by the participant dealer. It is up to the participant dealer to choose the method of confirmation. Obtaining a written annual certification by the DEA client is one way to meet this requirement. If the participant dealer does not require a written annual certification, the participant dealer should record the steps it has taken to perform the annual confirmation in order to be able to demonstrate compliance with this requirement.

4.4 Written agreement

While section 4.4 sets out the provisions that must be included in a written agreement between a participant dealer and its DEA client, the participant dealer may choose to include additional provisions in the agreement as well.

Subparagraph 4.4(a)(iii) requires a DEA client to take all reasonable steps to prevent unauthorized access to the technology that facilitates direct electronic access and to not permit any person or company to use the direct electronic access provided by the participant dealer other than those named by the DEA client under the provision of the agreement referred to in subparagraph 4.4(a)(vii). The steps taken should be commensurate with the risks posed by the type of technology and systems that are being used.

Subparagraph 4.4(a)(iv) specifies that when a participant dealer requests information from its DEA client in connection with an investigation or proceeding by any marketplace or regulation services provider with respect to trading conducted pursuant to the DEA provided, the information is required to only be given to the marketplace or regulation services provider conducting the investigation or proceeding in order to protect the confidentiality of the information.

Subparagraph 4.4(a)(vii) specifies that a DEA client will immediately provide to the participant dealer, in writing, the names of all personnel acting on the DEA client's behalf that it has authorized to enter an order using DEA. This requires a DEA client to formally authorize its personnel who will be entering orders using DEA when trading for the DEA client.

In order to assist a participant dealer in managing its risks with providing DEA, subsection 4.4(b) requires that the written agreement between a participant dealer and its DEA client provide that a participant dealer is authorized to reject any order, cancel any order entered on a marketplace and discontinue accepting orders from the DEA client, without prior notice. It also requires that the participant dealer be authorized to, without prior notice, vary or correct any order to comply with a marketplace or regulatory requirement. For example, this may occur when an order is re-priced by a participant dealer to ensure the order does not lock or cross the market. We note that the authorization to vary or correct any order to comply with a marketplace or regulatory requirement is the minimum expected by the CSA and a participant dealer may require greater latitude in the agreement to vary or correct orders of a DEA client than is mandated under the Instrument.

4.5 Training of DEA clients

Pursuant to subsection 4.5(1), before providing DEA to a client, and as necessary after DEA is provided, a participant dealer must satisfy itself that the client has reasonable knowledge of applicable marketplace and regulatory requirements. What constitutes "reasonable knowledge" will depend on the particular client's trading activity and the associated risks presented by each specific client.

The participant dealer must assess the client's knowledge and determine what, if any, training is required in the particular circumstances. The training must, at a minimum, enable the DEA client to understand the applicable marketplace and regulatory requirements and how trading on the marketplace system occurs. For example, it may be appropriate for the participant dealer to require the client to have the same training required of an approved participant under UMIR.

After DEA has been provided, an assessment of the DEA client's knowledge of applicable marketplace and regulatory requirements would be considered necessary if significant changes to these requirements are made or if the participant dealer notices unusual trading activity by the DEA client. If the participant dealer finds the DEA client's knowledge to be deficient after such an assessment, the participant dealer should require additional training for the DEA client until the DEA client achieves the requisite level of knowledge or discontinue providing DEA to that DEA client.

4.6 DEA client identifier

(1) Assignment of DEA client identifier

The purpose of requiring a unique identifier for each DEA client is to identify orders of clients entered onto a marketplace by way of DEA. NI 23-103 requires a participant dealer, upon providing DEA to a client, to ensure that the DEA client has been assigned a DEA client identifier. Following current industry practice, we expect the participant dealer will collaborate with the marketplace with respect to determining the necessary identifiers. We note that a DEA client may be assigned one or more DEA client identifiers.

(2) Information to marketplaces

Subsection 4.6(2) requires a participant dealer to immediately provide the assigned DEA client identifier to each marketplace to which the DEA client has direct electronic access through that participant dealer. This provision is to ensure that marketplaces are aware of which trading channels contain DEA flow in order for marketplaces to properly manage their risks. The CSA do not expect that a DEA client's name will be disclosed to a marketplace. Instead, a participant dealer would only need to provide the assigned DEA client identifier to a marketplace to enable the marketplace to more readily identify DEA flow.

4.7 Trading by DEA clients

Client orders passing through the systems of the DEA client

The CSA are of the view that DEA clients should not provide their DEA to their clients or any other person or company. Subsection 4.7(2) requires that if a DEA client is using DEA and trading for the account of another person or company, the orders of the other person or company must be transmitted through the systems of the DEA client before being entered on a marketplace. We consider the systems of the DEA client to include the DEA client's own proprietary systems or systems that are provided to the DEA client by a third party. The orders of the other person or company must be transmitted through the DEA client's systems regardless of whether a DEA client sends orders directly or indirectly through a participant dealer.

This is meant to allow for those arrangements that the CSA are comfortable with, such as a DEA client acting as a "hub" and aggregating the orders of its affiliates before sending the orders to the participant dealer. Requiring orders to be transmitted through the systems of the DEA client allows the DEA client to impose any controls it deems necessary or is required to impose under any requirements to manage its risks. Although the participant dealer is required to have controls to manage its risks that arise from providing DEA to clients, including automated pre-trade controls, it is the DEA client that has knowledge of the person or company it is trading for. As a result, the DEA client is likely in a better position to determine the appropriate controls and parameters of those controls that are specific to each person or company it is trading for. The participant dealer is responsible for ensuring that the DEA client has adequate controls in place to monitor the orders entering the DEA client's systems.

PART 3 REQUIREMENTS APPLICABLE TO THE USE OF AUTOMATED ORDER SYSTEMS

5. Use of automated order systems

Section 5 stipulates that a marketplace participant or any client must take all reasonable steps to ensure that its use of automated order systems does not interfere with fair and orderly markets. A marketplace participant must also take all reasonable steps to ensure that the use of an automated order system by a client does not interfere with fair and orderly markets. This includes both the fair and orderly trading on a marketplace or the market as a whole and the proper functioning of a marketplace. For example, the sending of a continuous stream of orders that negatively impacts the price of a security or that overloads the systems of a marketplace may be considered as interfering with fair and orderly markets.

Paragraph 5(3)(a) requires a marketplace participant to have a level of knowledge and understanding of any automated order systems used by either the marketplace participant or the marketplace participant's clients that is sufficient to allow the marketplace participant to identify and manage the risks associated with the use of the automated order system. We understand that detailed information of automated order systems may be treated as proprietary information by some clients or third party service providers; however, the CSA expect that the marketplace participant will be able to obtain sufficient information in order to properly identify and manage its own risks.

Paragraph 5(3)(b) requires that each automated order system is tested in accordance with prudent business practices. A participating dealer does not necessarily have to conduct tests on each automated order system used by its clients but must satisfy itself that these automated order systems have been appropriately tested. Testing an automated order system in accordance with prudent business practices includes testing it before its initial use and at least annually thereafter. We would also expect that testing would also occur after any significant change to the automated order system is made.

PART 4 REQUIREMENTS APPLICABLE TO MARKETPLACES

6. Availability of order and trade information

(1) Reasonable access

Subsection 6(1) is designed to ensure that a marketplace participant has immediate access to the marketplace participant's order and trade information when needed. Subsection 6(2) will help ensure that the marketplace does not have any rules, polices, procedures, fees or practices that would unreasonably create barriers to the marketplace participant in accessing this information.

This obligation is distinct from the requirement for marketplaces to disseminate order and trade information through an information processor under Parts 7 and 8 of NI 21-101. The information to be provided pursuant to section 6 would need to include the private information included on each order and trade in addition to the public information disseminated through an information processor.

(2) Immediate order and trade information

For the purposes of providing access to order and trade information on an immediate basis, we consider a marketplace's provision of this information by a drop copy to be acceptable.

7. Marketplace controls relating to electronic trading

(1) Termination of marketplace access

Subsection 7(1) requires a marketplace to have the ability and authority to terminate all or a portion of the access provided to a marketplace participant before providing access to that marketplace participant. This requirement also includes the authority of a marketplace to terminate access provided to a client that is using a participant dealer's marketplace participant identifier to access the marketplace. We expect a marketplace to act when it identifies trading behaviour that interferes with the fair and orderly functioning of its market.

(2) Assessments to be conducted

Paragraph 7(2)(a) requires a marketplace to regularly assess and document whether the marketplace requires any risk management and supervisory controls, policies and procedures relating to electronic trading, in addition to the risk management and supervisory controls, policies and procedures that marketplace participants are required to have under subsection 3(1), and ensure that such controls, policies and procedures are implemented in a timely manner. As well, a marketplace must regularly assess and document the adequacy and effectiveness of any risk management and supervisory controls, policies and procedures put in place under paragraph 7(2)(a). A marketplace is expected to document any conclusions reached as a result of its assessment and any deficiencies noted. It must also promptly remedy any identified deficiencies.

It is important that a marketplace take steps to ensure it does not engage in activity that interferes with fair and orderly markets. Part 12 of NI 21-101 requires marketplaces to establish systems-related risk management controls. It is therefore expected that a marketplace will be generally aware of the risk management and supervisory controls, policies and procedures of its marketplace participants and assess whether it needs to implement additional controls, policies and procedures to eliminate any risk management gaps and ensure the integrity of trading on its market.

(3) Timing of assessments

A "regular" assessment would constitute, at a minimum, an assessment conducted annually and whenever a substantive change is made to a marketplace's operations, rules, controls, policies or procedures that relate to methods of electronic trading. A marketplace should determine whether more frequent assessments are required depending on the particular circumstances of the marketplace, for example when the number of orders or trades is increasing very rapidly or when new types of clients or trading activities are identified. A marketplace should document and preserve a copy of each such assessment as part of its books and records obligation in NI 21-101.

(4) Implementing controls, policies and procedures in a timely manner

A "timely manner" will depend on the particular circumstances, including the degree of potential risk of financial harm to marketplace participants and their clients or harm to the integrity of the marketplace and to the market as a whole. The marketplace must ensure the timely implementation of any necessary risk management and supervisory controls, policies and procedures.

8. Marketplace thresholds

Section 8 requires that each marketplace must not permit the execution of orders of exchange-traded securities exceeding price and volume thresholds set by its regulation services provider, or by the marketplace if it is a recognized exchange or recognized quotation and trade reporting system that directly monitors the conduct of its members or users and enforces certain requirements set under NI 23-101.

These price and volume thresholds are expected to reduce erroneous orders and price volatility by preventing the execution of orders that could interfere with a fair and orderly market.

There are a variety of methods that may be used to prevent the execution of these orders. However, the setting of the price threshold is to be coordinated among all regulation services providers, recognized exchanges and recognized quotation and trade reporting systems that set the threshold under subsection 8(1).

The coordination requirement also applies when setting a price threshold for securities that have underlying interests in an exchange-traded security. We note that there may be differences in the actual price thresholds set for an exchange-traded security and a security that has underlying interests in that exchange-traded security.

9. Clearly erroneous trades

(1) Application of section 9

Section 9 provides that a marketplace cannot provide access to a marketplace participant unless it has the ability to cancel, vary or correct a trade executed by that marketplace participant. This requirement would apply in the instance where the marketplace decides to cancel, vary or correct a trade or is instructed to do so by a regulation services provider.

Before cancelling, varying or correcting a trade, paragraph 9 (2)(a) requires that a marketplace receive instructions from its regulation services provider, if it has retained one. We note that this would not apply in the case of a recognized exchange or recognized quotation and trade reporting system that directly monitors the conduct of its members or users and enforces requirements set pursuant to subsection 7.1(1) or 7.3(1) respectively of NI 23-101.

(2) Cancellation, variation or correction where necessary to correct a system or technological malfunction or error made by the marketplace systems or equipment

Under paragraph 9(2)(c) a marketplace may cancel, vary or correct a trade where necessary to correct an error caused by a system or technological malfunction of the marketplace's systems or equipment or an individual acting on behalf of the marketplace. If a marketplace has retained a regulation services provider, it must not cancel, vary or correct a trade unless it has obtained permission from its regulation services provider to do so.

Examples of errors caused by a system or technological malfunction include where the system executes a trade on terms that are inconsistent with the explicit conditions placed on the order by the marketplace participant, or allocates fills for orders at the same price level in a manner or sequence that is inconsistent with the stated manner or sequence in which such fills are to occur on the marketplace. Another example includes where the trade price was calculated by a marketplace's systems or equipment based on some stated reference price, but it was calculated incorrectly.

(3) Policies and procedures

For policies and procedures established by the marketplace in accordance with the requirements of subsection 9(3) to be "reasonable", they should be clear and understandable to all marketplace participants.

The policies and procedures should also provide for consistent application. For example, if a marketplace decides that it will consider requests for cancellation, variation or correction of trades in accordance with paragraph 9(2)(b), it should consider all requests received regardless of the identity of the counterparty. If a marketplace chooses to establish parameters only within which it might be willing to consider such requests, it should apply these parameters consistently to each request, and should not exercise its discretion to refuse a cancellation or amendment when the request falls within the stated parameters and the consent of the affected parties has been provided.

When establishing any policies and procedures in accordance with subsection 9(3), a marketplace should also consider what additional policies and procedures might be appropriate to address any conflicts of interest that might arise.

 

ANNEX D

PASSPORT SYSTEM AMENDMENTS

Amending Instrument for

Multilateral Instrument 11-102 Passport System

1. Multilateral Instrument 11-102 Passport System is amended by this Instrument.

2. Appendix D is amended by repealing the row that contains"Electronic trading" in the column entitled "Provision" and replacing it with the following row:

 

 

 

Electronic trading and direct electronic access to marketplaces

NI 23-103 (only sections 3(1), 3(2), 3(3)(a) to 3(3)(d), 3(4) to 3(7), 4, 4.2, 4.3, 4.4(a)(ii), 4.4(a)(iii), 4.4(a)(v) to 4.4(a)(vii), 4.4(b), 4.5, 4.7, and 5(3))

3.This instrument comes into force on March 1, 2014.

 

ANNEX E

COMMENT SUMMARY AND CSA RESPONSES

Commenters:

Michael Mercier, British Columbia Investment Management Corporation

Mark DesLauriers, Osler, Hoskin & Harcourt LLP

Kevan Cowan, TMX Group Limited

Topic

Summary of Comments

Response to Comments

 

NI 23-103 in General

One commenter advocated making the wording and grammar of the amendments to NI 23-103 Electronic Trading (Instrument or NI 23-103) and the Investment Industry Regulatory Organization of Canada's (IIROC) Proposed Provisions Respecting Third-Party Electronic Access to Marketplaces identical in order to avoid inconsistent interpretations. This commenter was also concerned about problems from this duplication. As an example, the commenter said that it is burdensome for dealers who wish to gain an exemption to comply with the separate processes in NI 23-103 and IIROC's Universal Market Integrity Rules (UMIR).

We have examined the differences in language between the IIROC proposal and NI 23-101 and have made the language as consistent as possible. Where the language is not identical, it is our view that the meaning is substantially the same.

 

 

 

We note that under section 4.1 of NI 23-103, a participant dealer that complies with UMIR requirements similar to those established under Part 2.1 of the Instrument would not need to meet the requirements of Part 2.1 and would therefore only need to gain an exemption under UMIR. A separate exemption from NI 23-103 would not be necessary.

 

Proposed Provisions

 

 

 

4.1 Requirements Applicable to Participant Dealers Providing Direct Electronic Access: Application of this Part

 

 

 

This Part does not apply to a participant dealer if the participant dealer complies with similar requirements established by

One commenter questioned the potential redundancy of the Instrument as a result of subsection 4.1(a). This commenter suggested that NI 23-103 may be inapplicable to participant dealers because all dealers affected by the Instrument are required to abide by the UMIR proposal of IIROC, a regulation services provider (as identified in subsection 4.1(a)). The commenter asked to whom the proposal applies since it does not apply to participant dealers.

The definition of "participant dealer" has been revised to clarify that in Québec, "foreign approved participants" as defined in the Rules of the Montréal Exchange Inc. (Montréal Exchange) also fall under this term.

 

(a) a regulation services provider;

 

We note that IIROC is not the regulation services provider to all marketplaces in Canada, for example, the Montréal Exchange. Therefore, the proposal would apply to members of a recognized exchange that directly monitors the conduct of its members and enforces requirements set under subsection 7.1(1) of NI 23-101 but has not established similar requirements.

 

(b) a recognized exchange that directly monitors the conduct of its members and enforces requirements set under subsection 7.1(1) of NI 23-101; or

 

 

 

(c) a recognized quotation and trade reporting system that directly monitors the conduct of its users and enforces requirements set under subsection 7.3(1) of NI 23-101.

 

 

 

4.2 Provision of Direct Electronic Access

 

 

 

(1) A person or company must not provide direct electronic access unless it is a participant dealer.

Two commenters found the use of "registrant" in subsection 4.2(2) confusing. They asked about the subsection's application to exemptive relief.

We have revised the wording in subsection 4.2(2) to avoid any confusion from the use of the term "registrant" and to ensure that only the appropriate registered entities are captured by the provision. Subsection 4.2(2) now stipulates that clients acting and registered as dealers with a securities regulatory authority cannot receive DEA.

 

(2) A participant dealer must not provide direct electronic access to a registrant unless the registrant is

One commenter suggested replacing the list of qualifying dealers in subsection 4.2(2) with a list of prohibited dealers to clarify which entities can receive DEA.

 

 

(a) a portfolio manager; or

The same commenter asked why the Instrument prohibits registered investment dealers, scholarship plan dealers, mutual fund dealers, exempt market dealers, restricted dealers and investment fund managers from obtaining DEA. This commenter stated that the risk these dealers pose is no greater than the risk posed by entities that will be able to obtain DEA under the Instrument, particularly since the prohibition on trading for the account of clients limits many DEA clients to trading as principle.

The CSA do not want to facilitate regulatory arbitrage with respect to trading. In our view, as stated in subsection 4.2(2) of the CP, dealers acting and registered in categories other than "investment dealer" should not have this type of electronic access to marketplace through a participant dealer unless they themselves are investment dealer and subject to IIROC rules.

 

(b) a restricted portfolio manager.

 

We note that investment dealer-to-investment dealer arrangements are addressed in UMIR as "routing arrangements".

 

4.6 DEA Client Identifier

 

 

 

(1) Upon providing direct electronic access to a DEA client, a participant dealer must assign to the client a DEA client identifier in the form and manner required by

One commenter noted that subsection 4.6(2) reflects current industry practice for assigning client identifiers but that IIROC Notice 12-0315 described a different process, in which IIROC will assign client identifiers to DEA clients. The commenter asked whether the current practice for assigning client identifiers will change and expressed concerns about business and efficiency impacts if it does. This commenter recommended the process for obtaining client identifiers be efficient while allowing for due diligence.

We have addressed the noted inconsistency by revising subsections 4.6(1),(2) and (3). Subsection 4.6(1) will now require that participant dealers ensure that each of their DEA clients is assigned a DEA client identifier. We do not expect the current practice for assigning DEA client identifiers to change in the near future. However, this revision will be able to accommodate changes to the DEA client identifier assignment process, while ensuring that a client will only trade using DEA once it has been assigned a unique DEA client identifier.

 

(a) a regulation services provider;

 

 

 

(b) a recognized exchange that directly monitors the conduct of its members and enforces requirements set under subsection 7.1(1) of NI 23-101; or

 

 

 

(c) a recognized quotation and trade reporting system that directly monitors the conduct of its users and enforces requirements set under subsection 7.3(1) of NI 23-101.

 

 

 

(2) A participant dealer that assigns a DEA client identifier under subsection (1) must immediately provide the DEA client identifier to each marketplace to which the DEA client has direct electronic access through the participant dealer.

 

 

 

(3) A participant dealer that assigns a DEA client identifier under subsection (1) must immediately provide the DEA client's name and its associated DEA client identifier to:

 

 

 

(a) all regulation services providers monitoring trading on a marketplace to which the DEA client has access through the participant dealer;

 

 

 

(b) any recognized exchange or recognized quotation and trade reporting system that directly monitors the conduct of its members or users and enforces requirements set under subsection 7.1(1) or 7.3(1) of NI 23-101 and to which the DEA client has access through the participant dealer; and

 

 

 

(c) any exchange or quotation and trade reporting system that is recognized for the purposes of this Instrument and that directly monitors the conduct of its members or users and enforces requirements set under subsection 7.1(1) or 7.3(1) of NI 23-101 and to which the DEA client has access through the participant dealer.

 

 

 

(4) A participant dealer must ensure that an order entered by a DEA client using direct electronic access provided by the participant dealer includes the appropriate DEA client identifier.

 

 

 

(5) If a client ceases to be a DEA client, the participant dealer must promptly inform:

 

 

 

(a) all regulation services providers monitoring trading on a marketplace to which the DEA client had access through the participant dealer;

 

 

 

(b) any recognized exchange or recognized quotation and trade reporting system that directly monitors the conduct of its members or users and enforces requirements set under section 7.1(1) or 7.3(1) of NI 23-101 and to which the DEA client had access through the participant dealer; and

 

 

 

(c) any exchange or quotation and trade reporting system that is recognized for the purposes of this Instrument and that directly monitors the conduct of its members or users and enforces requirements set under subsection 7.1(1) or 7.3(1) of NI 23-101 and to which the DEA client had access through the participant dealer.

 

 

 

4.7 Trading by DEA Clients

 

 

 

(1) A participant dealer must not provide direct electronic access to a DEA client that is trading for the account of another person or company.

A commenter thought that prohibiting trading for the account of clients is problematic because it would prevent a market participant from exercising discretionary or directed DEA trading for many client accounts. The commenter suggested this limitation will cause market disruption and negatively impact trading volumes. Further, the commenter suggested that trading by a market participant on behalf of its clients should be treated no differently than the market participant trading on its own behalf because the risks are comparable.

We remain of the view that it is important to limit the risk of DEA trading by preventing DEA clients from trading via DEA for another person or company except under specified circumstances.

 

(2) Despite subsection (1), when using direct electronic access, the following DEA clients may trade for the accounts of their clients:

The same commenter agreed that prohibiting the sub-delegation of DEA to clients (subsection 4.7(5)) is appropriate.

We have revised the wording of subsections 4.7(1) and 4.7(2) to:

 

(a) a portfolio manager;

One commenter suggested that the reference to "participant dealers" in section 4.7(1) and the reference to "clients" in section 4.7(2) is inconsistent and makes section 4.7(2) technically unusable.

clarify that a DEA client that is registered or exempted from registration as an adviser under securities legislation may trade for the account of another person or company using DEA;

 

(b) a restricted portfolio manager;

This commenter suggested that making subsection 4.7(1) consistent with subsection 4.7(2), which refers to DEA clients, by narrowing the restriction in subsection 4.7(1) so that it prohibits DEA clients from trading for the account of clients, rather than for another person or company. The commenter noted that given the broad meaning of "person", the change would avoid unnecessary restrictions. This commenter also suggested expanding subsection 4.7(2) to include entities that, except for an exemption from NI 31-103, would otherwise be a portfolio manager. If the CSA intended entities to apply for exemptions, the commenter asked the CSA to clarify which entity (the client or the market participant), would be able to apply for an exemption from subsection 4.7(1).

remove the limitation of unregistered entities carrying on business in a foreign jurisdiction that are permitted to trade for another person or company via DEA in that foreign jurisdiction from doing so in Canada, if it is regulated in the foreign jurisdiction by a signatory to the IOSCO Multilateral MOU;

 

(c) a person or company that is registered in a category analogous to the entities referred to in paragraphs (a) or (b) in a foreign jurisdiction that is a signatory to the International Organization of Securities Commissions' Multilateral Memorandum of Understanding.

 

remove the inconsistent references to "participant dealers" in subsection 4.7(1) and "clients" in subsection 4.7(2); and

 

(3) If a DEA client is using direct electronic access to trade for the account of a client, as permitted by subsection (2), the DEA client must ensure that its client's orders flow through the systems of the DEA client before being entered on a marketplace.

 

consistently refer to "a person or company" instead of "clients".

 

(4) A participant dealer must ensure that when a DEA client is trading for the account of its client using direct electronic access, the DEA client has established and maintains reasonable risk management and supervisory controls, policies and procedures.

 

Subsection 4.7(1) imposes an obligation on participant dealers. If an exemption from this requirement is needed, it is the participant dealer that must file the requested exemption from this requirement.

 

(5) A DEA client must not provide access to or pass on its direct electronic access to another person or company other than the individuals authorized under paragraph 4.4(a)(vii).

 

 

 

Companion Policy 23-103CP in General

One commenter expressed concern that the policy guidelines spoke only to the concept of sub-delegation to a client, and not to trading for the account of another person.

We have revised the wording in the CP accordingly to clarify that the concept of sub-delegation applies to trading for the account of another person or company.

 

1.1 Introduction

 

 

 

(1) Purpose of National Instrument 23-103

One commenter was supportive of allowing marketplaces discretion in choosing whether to provide DEA access and whether to impose stricter standards than required by the Instrument.

We note the comment.