Financial Services Updatehttps://stikeman.com/en-ca/rss/financial-services?utm_source=finserv-list-en&utm_medium=email&utm_campaign=finservFinancial Services Updateen-CA{2FB0C405-CBA6-4117-BE76-7FA7DB290AA4}https://stikeman.com/en-ca/kh/insurance-law/osfi-releases-finalized-integrity-and-security-guidelineStuart S. Carruthershttps://stikeman.com/en-ca/people/c/stuart-s-carruthersAndrew S. Cunninghamhttps://stikeman.com/en-ca/people/c/andrew-s-cunninghamInsurance Law UpdatePrivacy & CybersecurityFinancial Services UpdateOSFI Releases Finalized Integrity and Security Guideline<p><strong>On January 31, 2024, OSFI released its finalized Integrity and Security Guideline (“Guideline”). The Guideline is a result of the extension of OSFI’s mandate, as of January 1, 2024, to include the oversight of integrity and security-related policies and procedures of Federally Regulated Financial Institutions (“FRFIs”).<a href="#_ftn1" name="_ftnref1"><sup>[1]</sup></a> This follow-up to </strong><a rel="noopener noreferrer" target="_blank" href="https://www.stikeman.com/en-ca/kh/insurance-law/osfis-draft-security-and-integrity-guideline-whats-expected-of-frfis-and-when"><strong>our previous post</strong></a><strong> summarizes the changes that were made in the final version and notes the implementation schedule that OSFI also announced on January 31.</strong></p> <p>As discussed in our earlier post, the Guideline is structured around ten integrity and security “principles”:</p> <ul> <li><strong>Integrity principles:</strong> Character; Culture; Governance; Compliance.</li> <li><strong>Security principles:</strong> Physical premises; People; Technology; Data/information; Third-party risks; Undue influence/foreign interference/malicious activity.</li> </ul> <p>While the finalized Guideline maintains this structure, it has been significantly revised in light of comments received. <a rel="noopener noreferrer" target="_blank" href="https://www.osfi-bsif.gc.ca/en/consultations/consultation-summaries/osfis-response-draft-integrity-security-guideline-consultation-feedback">OSFI’s response to this feedback</a> notes that these changes fall into three categories:</p> <ul> <li><strong>Terminology:</strong> Certain colloquial, uncommon and undefined expressions have been replaced by more standard terminology.</li> <li><strong>Proportionality: </strong>The Guideline’s final version is clearer about the proportional application of certain expectations.</li> <li><strong>Risk basis: </strong>OSFI has clarified that key expectations in the Guideline can be applied on a risk basis.</li> </ul> <p>In addition to the above, we note that (i) the finalized Guideline relaxes several overly broad and/or unrealistic compliance expectations and (ii) it refers more explicitly to foreign interference risk, in keeping with the growing recognition of that issue in Canada generally.</p> <h2>Summary of the Significant Changes</h2> <p>Some of the more significant substantive changes from the draft version are as follows. These are found in the Guideline’s overview section as well as in the sections dedicated to integrity and security.</p> <h3>Overview</h3> <h4>Application of the Guideline</h4> <p>The “Application” section now specifically states (i) that the Guideline applies on a <strong>risk basis</strong> and (ii) that the <strong>factors to be considered</strong> include:</p> <ul> <li>Business arrangements, such as joint ventures and strategic alliances; and</li> <li>Ownership structure, which is now specifically defined to encompass “parent-subsidiary or home office-branch relationships and relationships with related parties and large shareholders.”</li> </ul> <h4>Obstacles to meeting expectations</h4> <p>The finalized Guideline provides that, where a FRFI faces impediments to meeting an expectation, such as local laws or limitations associated with leased premises, it should “take appropriate mitigating actions” in keeping with the risks of the situation.</p> <h4>Key terms</h4> <p>The terms “contractor” and “leader” have been defined. In addition, several draft definitions have been revised, including a more flexible definition of “responsible persons” and a clearer definition of “integrity” that does not involve the concept of “ethical standards” (a term that commenters considered too vague). National security is now specifically referenced in the definitions of “malicious activity” and “undue influence”.</p> <h4>Outcomes</h4> <p>Actions, behaviours and decisions are now expected to be measured against “regulatory expectations, laws and codes of conduct” rather than against “ethical standards”.</p> <h4>Policies and procedures</h4> <p>The finalized Guideline provides more specifics about OSFI’s expectations for the maintenance and updating of policies and procedures, with an increased emphasis on regular review and updating in response to newly identified threats.</p> <h3>Integrity</h3> <h4>Creative compliance</h4> <p>The general discussion of the concept of integrity now contains an explicit caution respecting “creative compliance, regulatory arbitrage, and any other measures designed to circumvent codes of conduct, regulatory expectations or laws”.</p> <h4>Culture</h4> <p>The finalized Guideline attempts to clarify what is meant by “culture”. While continuing to state that “there is no ideal culture”, the Guideline now specifies that a FRFI’s culture should be consistent with its “behavioural expectations of what is considered acceptable and unacceptable”.</p> <h4>Governance</h4> <p>Under the heading of “governance”, the Guideline now requires that behavioural expectations be communicated to “employees, contractors and stakeholders” rather than to “staff, senior leaders and stakeholders”. The recommendations for codes of conduct have been reworked, e.g. to allow for the incorporation of the conflict of interest code into the code of conduct document. The Guideline clarifies that a code of conduct should include “the detection, disclosure, avoidance, and management of real, potential, and perceived conflicts of interest” and that such codes should be reviewed and updated regularly.</p> <h4>Compliance</h4> <p>One significant substantive change to the compliance principle is the expectation that FRFIs will bring to their employees’ attention “external channels to raise concerns”, such as government whistleblower programs.</p> <h3>Security</h3> <h4>Threat assessment period</h4> <p>The general discussion of the concept of security now states that security threat assessments should take place “at least annually”, rather than “regularly” as stated in the draft version.</p> <h4>Physical premises</h4> <p>The final Guideline clarifies that the scope and frequency of “periodic sweeps for covert devices” are to be proportional to the threat environment.</p> <h4>Background checks</h4> <p>The Guideline now states that background checks are to be “risk-based” and deletes the expectation that they be “equivalent to the Government of Canada’s Enhanced Reliability Check minimum standard”. The content of a background check is now stated in more flexible language, with credit checks and criminal record checks to be focused on responsible persons (e.g. directors and senior management) and “contractors occupying higher-risk positions”, although OSFI may request that specific individuals obtain a higher level of security clearance in view of their roles and responsibilities.</p> <h4>Technology assets, data and information</h4> <p>Proportionality qualifiers have been incorporated into OSFI’s expectations regarding the protection of a FRFI’s technology assets, data and information.</p> <h4>Third party risks</h4> <p>The finalized Guideline states that due diligence on a third party “should be proportional to the third party’s access to the financial institution’s physical premises, people, technology assets, and data and information” and removes what OSFI acknowledges were impractical expectations with respect to background checks of senior leaders of third parties.</p> <h4>Undue influence, foreign interference, and malicious activity</h4> <p>The expectation in the draft Guideline that any suspicion of undue influence, foreign interference, and malicious activity be reported immediately to law enforcement authorities has been reduced, in the finalized Guideline, to a statement that FRFIs are “encouraged” to report to such authorities (and to OSFI) when there are “reasonable grounds” to believe that an incident of this type has occurred. However, any such incident that the FRFI deems not to meet its reporting threshold “should be documented and inventoried … as part of the management reporting process to senior management.”</p> <h2>Implementation Schedule</h2> <p>On releasing the finalized Guideline, OSFI also published an implementation schedule that is intended to give institutions the time they require to adjust to the new regulations. The deadlines are as follows:</p> <p><strong>Immediately:</strong> Observe the expectation to notify OSFI with respect to reports that are made to CSIS or law enforcement.</p> <p><strong>July 31, 2024:</strong> Submission of a “comprehensive action plan” to OSFI with respect to the new and expanded expectations. This includes “interim deliverables to achieve compliance”.</p> <p><strong>January 31, 2025:</strong> All expectations must be observed by this date, with the exception of those relating to background checks.</p> <p><strong>July 31, 2025:</strong> Expectations relating to background checks must be observed.</p> <hr /> <p><a href="#_ftnref1" name="_ftn1"><sup>[1]</sup></a> The Guideline follows amendments to FRFI statutes in Division 33 of Bill C-47, the <a rel="noopener noreferrer" target="_blank" href="https://www.parl.ca/documentviewer/en/44-1/bill/C-47/royal-assent"><em>Budget Implementation Act</em></a>, which received Royal Assent on June 22, 2023. In effect as of January 1, 2024, the amendments extend OSFI’s mandate to include the supervision of FRFIs to determine whether they have established policies and procedures adequate to protect against threats to integrity and security, including foreign interference.</p>12-Feb-2024 09:44:00{AF04F9C3-4DD2-4B73-AD45-BA0231B3C1E7}https://stikeman.com/en-ca/kh/canadian-securities-law/amf-publishes-draft-climate-risk-management-guidelineStéphane Rousseauhttps://stikeman.com/en-ca/people/r/stephane-rousseauStuart S. Carruthershttps://stikeman.com/en-ca/people/c/stuart-s-carruthersAlix d'Anglejan-Chatillonhttps://stikeman.com/en-ca/people/d/alix-d-anglejan-chatillonRamandeep K. Grewalhttps://stikeman.com/en-ca/people/g/ramandeep-k-grewalCanadian Securities LawFinancial Services UpdateInsurance Law UpdateAMF Publishes Draft Climate Risk Management Guideline<p><strong>Late last year, the Autorité des marchés financiers (“AMF”), the organization that oversees Québec’s financial industry, published a draft <a rel="noopener noreferrer" target="_blank" href="https://lautorite.qc.ca/fileadmin/lautorite/consultations/lignes-directrices/2024-01-30-fin/2023nov30-LD-changements-climatiques-cons-en.pdf">Climate Risk Management Guideline</a> (the “Guideline”) which will apply to licensed insurers, financial services cooperatives, authorized trust companies and other authorized deposit institutions. Given the likelihood and potential impacts of climate-related risks, which are considered systemic, the Guideline aims to strengthen the resilience of the financial industry in general along with the financial institutions the AMF regulates.</strong></p> <h2>Background</h2> <p>Climate change could have significant consequences for the security and soundness of financial institutions as well as the financial system as a whole. In this context, the AMF developed the Guideline so that Québec financial institutions would soundly and prudently address and manage climate change risks. The Guideline incorporates the recommendations of the Task Force on Climate-related Financial Disclosures (“TCFD”), the International Association of Insurance Supervisors and the Bank for International Settlements. The Guideline follows the publication in June 2022 of the AMF’s report entitled <a rel="noopener noreferrer" target="_blank" href="https://lautorite.qc.ca/fileadmin/lautorite/grand_public/publications/professionnels/rapport-changements-climatiques_en.pdf">Climate Change Risks: Measures implemented to date by financial institutions</a>.</p> <h2>The AMF’s Expectations</h2> <p>The Guideline sets out the AMF’s expectations regarding six (6) topics relating to climate change risk:</p> <ul> <li><strong>Governance:</strong> the roles and responsibilities of the members of the Board of Directors and senior management should be clearly defined so that they may assume their duties in addressing climate-related risks. The financial institution should address climate change-related impacts and the transition to a lower-carbon economy in its strategy.</li> <li><strong>Integrated risk management</strong>: the financial institution should identify and assess the potential impacts of climate-related risks and implement mitigation measures, while stating how its activities are integrated into its overall risk management and control framework.</li> <li><strong>Climate scenarios and stress testing:</strong> the financial institution should carry out climate scenario analysis to assess the impact of climate risk factors on its risk profile, business strategy and business model.</li> <li><strong>Capital and liquidity adequacy:</strong> the financial institution should maintain sufficient capital and liquidity to cover its climate risk exposures.</li> <li><strong>Fair treatment of clients:</strong> the financial institution should take into account changes in climate-related risks when designing, marketing and advertising new products or altering existing ones, so that its products deliver the benefits and features reasonably expected by different client groups. The disclosures sent to clients before, upon and after purchase of a product offered by the financial institution should address changes in climate-related risks.</li> <li><strong>Financial disclosure:</strong> the financial institution should publicly disclose the main elements of its governance, integrated risk management, and its climate scenarios and climate-related stress testing at least annually. In doing so, the financial institution should follow five principles for effective disclosure: (i) provide relevant, specific and comprehensive information; (ii) provide information that is clear, balanced and understandable for both the general public and more sophisticated stakeholders; (iii) maintain a neutral stance in its disclosure, disclosing in particular reliable, verifiable and objective information; (iv) disclose information appropriate for its size, nature and complexity; and (v) disclose consistently from one fiscal year to another. The financial institution should also disclose its greenhouse gas emissions and its targets used to manage climate-related risks and assess its performance against its targets.</li> </ul> <p>The AMF’s expectations follow the principles of <a rel="noopener noreferrer" target="_blank" href="https://www.osfi-bsif.gc.ca/eng/fi-if/rg-ro/gdn-ort/gl-ld/Pages/b15-dft.aspx">Guideline B-15 of the Office of the Superintendent of Financial Institutions on Climate Risk Management</a>. This convergence reflects the objective shared by the federal and Québec regulators, i.e., to strengthen the resilience of the financial industry and financial institutions, as well as the influence of the guidelines of international organizations and task forces on the federal and Québec guidelines.</p> <p>The Guideline is notable in that it sets out its expectations for the fair treatment of clients. This reflects the AMF’s twofold mission to regulate the financial industry and oversee consumer protection.</p> <h2>Additional Information</h2> <p>The Guideline has been published as a draft for a consultation period that will end on January 30, 2024.</p>17-Jan-2024 09:19:00{AB5D5CAB-E36A-4E68-8B42-E2BB97FADEC2}https://stikeman.com/en-ca/kh/tax-law/tax-courts-denial-of-a-banks-gst-hst-rebate-claims-affirmedJean-Guillaume Shoonerhttps://stikeman.com/en-ca/people/s/jean-guillaume-shoonerAntonin Lapointehttps://stikeman.com/en-ca/people/l/antonin-lapointeTax Law UpdateFinancial Services UpdateTax Court’s Denial of a Bank’s GST/HST Rebate Claims Affirmed; No Issue Estoppel as Retroactive GST/HST Legislation Had Been Enacted Since Previous Judgement Regarding Same Supplies<p><strong>This dispute arose when the Canada Revenue Agency (“CRA”) reassessed President’s Choice Bank (“PCB”) for uncollected GST/HST on bundled supplies made to a major Canadian bank (the “Bank”) and denied the Bank’s rebate claims for GST/HST allegedly paid in error to PCB. The CRA was of the view that the supply of bundled rights made by PCB to the Bank was not an exempt “financial service” as defined under subsection 123(1) of the <em>Excise Tax Act</em> (Canada) (the “ETA”). </strong></p> <p>On September 28, 2023, the <a rel="noopener noreferrer" href="https://canlii.ca/t/k0dd9" target="_blank">Federal Court of Appeal upheld</a> two Tax Court of Canada (“TCC”) rulings relating to the characterization of the supply and to whether the TCC was required to apply factual findings from a previous TCC decision rendered in 2009 (the “2009 Decision”) to the present case. The TCC rulings had dismissed:</p> <ol> <li>The Bank’s <a rel="noopener noreferrer" href="https://canlii.ca/t/jlzt1" target="_blank">motion to apply the findings of fact from the 2009 Decision</a> in which the exempt nature of PCB’s supply to the Bank had been affirmed (albeit with respect to earlier reporting periods) (the “Motion Order”); and</li> <li>The Bank’s <a rel="noopener noreferrer" href="https://canlii.ca/t/jqz0r" target="_blank">appeal of the CRA’s decision to deny its GST/HST rebate claims</a> (the “Rebate Judgment”)</li> </ol> <p>The TCC had determined that the supply made by PCB to the Bank was excluded from the list of supplies that qualify as a “financial service” as defined in subsection 123(1) of the ETA, pursuant to the application of paragraph (r.5). That paragraph was added by amendments to the ETA that were enacted in 2010 with retroactive effect to December 17, 1990 (the ”2010 Amendments”). As a consequence, the supply of bundled rights by PCB to the Bank was held by the TCC to be taxable for GST/HST purposes.</p> <h2>Background</h2> <h3>The agreements</h3> <p>In 1997, the Bank and the Loblaws Companies Limited (“Loblaws”) entered into a Financial Service Agreement (“FSA”) and a Loyalty Service Agreement (“LSA”). Under these two agreements (collectively, “the PCF Agreements”), which were later assigned to PCB, Loblaws’ wholly-owned indirect subsidiary, the Bank gained:</p> <ul> <li>Access to new customers through the positioning of the highly regarded PCB brand in Loblaws’ large network of retail stores;</li> <li>A loyalty program under which the Bank could issue points to Loblaws customers; and</li> <li>The right to be the seller of PCB’s products.</li> </ul> <p>Collectively, the above were referred to in the litigation as the “Bundle of Rights” to which the Bank was entitled under the agreement.</p> <p>In addition to the Bundle of Rights, the PCF Agreements contemplated that a team of approximately 15 employees from both sides (the “Employees”) worked together to ensure that the business deal would be mutually beneficial. The Employees collaborated on product design, promotional services and marketing initiatives with the common objective of persuading Loblaws customers to purchase financial products from the Bank. The FSA was later amended to reflect this collaboration, by changing the way fees were calculated to include revenue sharing payments.</p> <h3>Was this a supply of a “financial service”?</h3> <p>PCB did not collect GST/HST on the supply it made to the Bank as per the PCF Agreements because its view, initially at least, was that the supply of the Bundle of Rights constituted a supply of a “financial service” as defined in subsection 123(1) of the ETA. According to that definition, something is a supply of a financial service if it is listed in any of paragraphs (a) to (m) thereunder (the “Inclusionary Paragraphs”) – unless it also falls under one of the exclusions in paragraphs (n) to (t) (the “Exclusionary Paragraphs”). In that case, it is deemed not to be a financial service, which makes it taxable.</p> <p>Inclusionary Paragraph (l) specifically refers to an agreement to provide or the “arranging for” a service referred to in any of Inclusionary Paragraphs (a) to (i). Notably in response to the broad interpretation of the definition of “financial service” in the 2009 Decision, Parliament passed the 2010 Amendments which added two new Exclusionary Paragraphs – (r.4) and (r.5) – which exclude the supply of certain services and property as follows (emphasis added):</p> <p style="padding-left: 30px;"><strong>(r.4) </strong><span style="text-decoration: underline;">a service</span> (other than a prescribed service) that is preparatory to the provision or the potential provision of a service referred to in any of paragraphs (a) to (i) and (l), or that is provided in conjunction with a service referred to in any of those paragraphs, and that is<br /> (i) a service of collecting, collating or providing information, or<br /> (ii) a market research, product design, document preparation, document processing, customer assistance, promotional or advertising service or a similar service<br /> <strong>(r.5) </strong><span style="text-decoration: underline;">property</span> (other than a financial instrument or prescribed property) that is delivered or made available to a person <span style="text-decoration: underline;">in conjunction with the rendering by the person of a service referred to in any of paragraphs (a) to (i) and (l)</span>….</p> <h2>Tax Court of Canada Rulings</h2> <h3>Arguments on the Motion Order</h3> <p>In the course of its appeal, the Bank initially filed a motion for an order allowing its appeal from the CRA assessments denying its rebate claims for GST/HST paid after 2002. It argued that one or more of the doctrines of <em>res judicata</em>, issue estoppel or abuse of process precluded a re-litigation of the issue of the nature of the supplies made by PCB as that issue had been determined in the 2009 Decision. Specifically, the Bank took the position that it would be abusive to allow the character of the supplies to be determined through a hearing of the appeal that would allow for a new factual matrix to be established by the trial judge after hearing full evidence on the issue.</p> <p>The Crown replied that the central issue in the current litigation related to different reporting periods and that the issue had not been adjudicated in 2009 because, at that time, the TCC had not determined whether Exclusionary Paragraphs (r.4) and (r.5), applied (for the very good reason that they didn’t exist yet).</p> <h3>Decision</h3> <p>The TCC agreed with the Crown that the doctrine of <em>res judicata</em> could not apply when the statute underlying the previous decision had subsequently been amended in a respect relevant to the current matter. Retroactive amendments specifically narrowing the scope of services that previously qualified as exempt services require a new legal analysis and determination based on the post-2010 Amendments definition of “financial service”. Having determined that doctrines such as issue estoppel and abuse of process did not apply, Justice Hogan ruled that he was not bound to apply the factual findings of the 2009 Decision:</p> <p style="padding-left: 30px;">"In the instant case, at best, we are left to speculate on what Justice Lamarre would have decided if she had been tasked to consider the scope of application of the new provisions. The judgment that she has rendered now hangs by a thread because of the new financial services definition. This is hardly a case where the principle of finality requires me to give effect to the issue estoppel and/or abuse of process doctrines."</p> <h3>Arguments on the Rebate Judgment</h3> <p>The Crown argued that the predominant element of the supply made by PCB to the Bank was the Bundle of Rights and that the compound supply of marketing, product design, and promotional services provided by the Employees were secondary elements. According to the Crown, both elements were excluded from the definition of “financial service” in subsection 123(1) of the ETA under both Exclusionary Paragraphs (r.4) and (r.5). In all cases, the supply made by PCB to the Bank was therefore, in the Crown’s view, a taxable supply.</p> <p>The Bank advanced several arguments in response:</p> <ul> <li>It argued that PCB was acting as an intermediary “to bring the financial services to customers and [PCB’s] major role in the process of providing financial services by [the Bank]”. Relying on the 2009 Decision, counsel for the Bank argued that the arrangement between the Bank and PCB consisted in “arranging for” the provision of financial services to PCB’s customers and constituted an exempt supply of a financial service within the meaning of Inclusionary Paragraph (l).</li> <li>It asked the TCC to determine first whether PCB’s supply was described in Inclusionary Paragraph (l), and as second step, determine whether PCB’s supply can be excluded pursuant to Exclusionary Paragraphs (r.4) and (r.5).</li> <li>It also argued that the relationship between the parties was of the nature of a partnership or a joint venture. Though the argument might have proven fruitful (since distributions of revenue to partners or between joint venturers are deemed not to be a supply for GST/HST purposes), it ran up against the wording of the PCF Agreements, which expressly excluded any partnership or joint venture relationship between the parties and was therefore disregarded by Justice Hogan.</li> </ul> <h3>Decision</h3> <p>At the outset, Justice Hogan rejected the Bank’s suggested approach and ruled that his analysis should start with Exclusionary Paragraphs (r.4) and (r.5), since the application of the Inclusionary Paragraphs would be a moot point if either of the Exclusionary Paragraphs applied. Justice Hogan therefore made sure that the proverbial cart was properly placed behind the proverbial horse.</p> <p>Justice Hogan then used a “two-step test” developed by the FCA in <a rel="noopener noreferrer" target="_blank" href="https://www.canlii.org/en/ca/fca/doc/2013/2013fca269/2013fca269.html?resultIndex=1"><em>Global Cash Access (Canada) Inc. v. R</em>.</a> (2013) and <a rel="noopener noreferrer" target="_blank" href="https://www.canlii.org/en/ca/fca/doc/2016/2016fca316/2016fca316.html"><em>Great-West Life Assurance Co. v. R</em>.</a> (2016) to identify the predominant elements of a single compound supply. As a first step, one needs to examine all of the components of the supply that is received. Then, in the event of a compound single supply, the predominant elements of such supply must be identified. This may be achieved by examining the contractual arrangement between the parties, the commercial efficacy of the arrangement and other relevant elements of their business relationship.</p> <p>Justice Hogan concluded that the main reason the Bank entered into the PCF Agreements was to gain access to Loblaws’ clientele. The predominant element of the supply was therefore the Bundle of Rights (which was property, and not a service under the ETA) that enabled the Bank to sell its financial products and services to Loblaws’ customers. As such, the supply was a taxable supply of the Bundle of Rights subject to the application of Exclusionary Paragraph (r.5).</p> <p>For their part, the Employees’ contribution – primarily relating to marketing research, promotions and generally ensuring that the arrangement worked out profitably – was “at best, a secondary element of the [the supply made by PCB to the Bank]”. In any case, even if they had been the predominant element, these services would also have been excluded but in that case, under Exclusionary Paragraph (r.4), Justice Hogan noted.</p> <h2>Federal Court of Appeal Ruling</h2> <p>The central issues before the FCA were to determine whether Justice Hogan had erred in the Motion Order or the Rebate Judgment.</p> <h3>Motion Order</h3> <p>On appeal, the Bank alleged that the TCC had made the following errors:</p> <ol> <li>finding that the “same issue” requirement was not satisfied for the purposes of issue estoppel and abuse of process;</li> <li>concluding that the 2010 Amendments allowed the TCC to redetermine the substance of the supply made by PCB;</li> <li>its interpretation of “service” in subparagraph (ii) of Inclusionary Paragraph (l); or</li> <li>misconstruing the nature and scope of the TCC judge’s residual discretion.</li> </ol> <p>The FCA found that the first three alleged errors were essentially asking the same question, i.e., the effect of the 2010 Amendments on the question whether the 2009 Decision had decided the “same issue” that was at issue in the case at hand. The FCA found that determining whether PCB supplied financial services to the Bank required the TCC to consider the <em>applicable</em> definition of “financial service” in the ETA. In this case, the <em>applicable</em> definition was in fact the definition as modified by the 2010 Amendments as such amendments had a retroactive effect to December 17, 1990.</p> <p>As the FCA wrote:</p> <p style="padding-left: 30px;">“The issue is … whether [the Bank] was paying [PCB] for financial services based on the revised definition of financial service which was not considered (nor could it have been considered) in the 2009 Decision.”</p> <p>The 2010 Amendments included Exclusionary Paragraph (r.5), which specifically excludes a supply of property from the definition of “financial service.” In the view of the FCA, this exclusion must have reflected a concern on the part of Parliament that certain supplies of property might, in the absence of this new paragraph, have been considered a financial service. The FCA also noted that the definition of “financial service” in the ETA appears to leave the door open for the inclusion of property in some circumstances – this may explain why Parliament, in 2010, decided that Exclusionary Paragraph (r.5) was needed.</p> <p>The key question was whether the application of Inclusionary Paragraph (l), which states that “financial service” includes providing or arranging for financial services, would or would not have applied differently as a consequence of the 2010 Amendments. Subparagraph (<em>l</em>)(ii) excludes from this definition any “service” that is referred to in any of the Exclusionary Paragraphs. The Bank’s argument was that since Exclusionary Paragraph (r.5) refers to <em>property</em> rather than a service (which, unlike the term “financial service”, is defined to specifically exclude property in the ETA), the addition of paragraph (r.5) in the 2010 Amendments did not change the 2009 analysis.</p> <p>The FCA, like the TCC, agreed with the Bank on that point, as far as it went. But it did not go far enough, since the definition of “financial service” also provides that financial services do not include anything specified in the Exclusionary Paragraphs (whether it is a service or property). This includes paragraph (r.5)’s reference to “property … that is delivered or made available to a person in conjunction with the rendering by the person of a service referred to” in Inclusionary Paragraph (<em>l</em>). Clearly this was a change that could not have been considered in the 2009 Decision and which, by extension, made it impossible to maintain that the issue in the current case was identical to the issue that was decided then.</p> <p>The FCA accordingly went on to conclude:</p> <p style="padding-left: 30px;">“any property that is delivered or made available to the [Bank] in conjunction with [its] arranging to provide banking or credit services will not be a financial service.”</p> <p>It agreed with the TCC that the addition of new Exclusionary Paragraphs (r.4) and (r.5) as part of the 2010 Amendments raised a new issue of whether, in light of these new provisions, PCB was in fact providing a “financial service” to the Bank and that the 2009 Decision could not account for such new provisions.</p> <h3>Rebate Judgment</h3> <p>Having resolved the “new issue” question, the FCA proceeded to consider the substantive issue of whether the Bank’s payments on account of GST/HST should be rebated. The Bank alleged the following errors in the Rebate Judgment:</p> <ol> <li>That it was decided on a basis that was not advanced by either party;</li> <li>That it incorrectly concluded that the determination of the substance of the supply in the 2009 Decision had been rendered obsolete by the 2010 Amendments; and</li> <li>That it incorrectly concluded that the substance of the supply under the PCF Agreements was a supply of property.</li> </ol> <p>The first argument was quickly dismissed by the FCA on the ground that the issues in question were all of mixed fact and law and that it is up to the TCC Judge to make findings of fact, which do not need to correspond to the facts as perceived by any of the litigants. His determinations, the FCA noted, were based on the evidence led by the parties, including agreements and witness testimony, as well as on contractual interpretation. Moreover, the Bank had not identified any “theory” of the case that had not been raised by one or other of the parties.</p> <p>The FCA was of the view that the second argument simply repeated the argument on the appeal of the Motion Order (see above) and should be dismissed in light of the FCA’s determination of that appeal.</p> <p>With respect to the Bank’s third argument – that Justice Hogan had erred in his findings on the substance of the supply made by PCB to the Bank – the FCA determined that the standard of review for a question of fact or mixed fact and law, such as this one, is palpable and overriding error. The error that the Bank alleged was that the TCC had found that it had rented premises from PCB, but the FCA held that Justice Hogan had found only that PCB had given the Bank the right to solicit customers inside Loblaws’ grocery stores, which was not the same thing as renting the premises. Thus, the allegation of a palpable and overriding error was dismissed, along with the Bank’s appeals generally.</p> <h2>Key Takeaways</h2> <ul> <li>The FCA confirmed the Motion Order and corroborated that the doctrines of issue estoppel (as part of the doctrine of <em>res judicata</em>) and abuse of process should not apply following the enactment of retroactive legislative amendments where such amendments require a set of facts to be analyzed under a legislative framework different from that which was applied to a similar or identical set of facts that were adjudicated prior to the amendments.</li> <li>The introduction of new Exclusionary Paragraphs as part of the 2010 Amendments stemmed from Parliament's concern that judicial findings characterizing certain services as financial services could have the effect of eroding the GST/HST tax base by removing them from the category of taxable supplies. The decision in this case appears to reflect Parliament’s intentions, since PCB's “Bundle of Rights” (as predominant element) and the Employees’ contribution (as a secondary element) supplied to the Bank all fall within Exclusionary Paragraphs (r.4) and (r.5) introduced as part of the 2010 Amendments and should not, therefore, be characterized as exempt supplies.</li> <li>The FCA ruled that the definition of “financial service” in subsection 123(1) of the ETA does not specifically refer to “service” in its preamble, and even if the definition of “service” in subsection 123(1) means “anything other than ... property,” a supply of <em>property</em> could in theory be a <em>financial service</em> (unless it is otherwise excluded under Exclusionary Paragraph (r.5)) since “financial service” has its own definition that does not specifically rely on the definition of “service”.</li> </ul> <p><em>The authors would like to thank <a href="/en-ca/people/m/sean-martel">Sean Martel</a>, stagiaire, for his collaboration.</em></p>16-Nov-2023 07:02:00{B27586C0-0BD2-4D76-ACCD-437EE0816556}https://stikeman.com/en-ca/kh/financial-services/understanding-canadas-evolving-blockchain-and-cryptocurrency-regulationsAlix d'Anglejan-Chatillonhttps://stikeman.com/en-ca/people/d/alix-d-anglejan-chatillonRamandeep K. Grewalhttps://stikeman.com/en-ca/people/g/ramandeep-k-grewalÉric Lévesquehttps://stikeman.com/en-ca/people/l/eric-levesqueFinancial Services UpdateCanadian Securities LawCanadian Technology & IP LawTax Law UpdateUnderstanding Canada’s Evolving Blockchain and Cryptocurrency Regulations<p><a href="/en-ca/people/d/alix-d-anglejan-chatillon">Alix d’Anglejan-Chatillon</a>, <a href="/en-ca/people/g/ramandeep-k-grewal">Ramandeep Grewal</a>, and <a href="/en-ca/people/l/eric-levesque">Éric Lévesque</a>, of our Toronto and Montreal offices, have recently updated <a href="/-/media/files/kh-general/stikeman-elliott---blockchain--cryptocurrency-regulation-2024.ashx">the "Canada" chapter</a> in the <em>Blockchain & Cryptocurrency Regulation 2024</em>, published by <a rel="noopener noreferrer" target="_blank" href="https://www.globallegalinsights.com/">Global Legal Insights</a>. This chapter provides an excellent overview of the rapidly developing area of law in Canada, focusing on the following topics:</p> <ul> <li>Government attitude and definition</li> <li>Cryptocurrency regulation</li> <li>Sales regulation</li> <li>Ownership and licensing requirements</li> <li>Promotion and testing</li> <li>Money transmission laws and anti-money laundering requirements</li> <li>Reporting requirements</li> <li>Border restrictions and declaration</li> <li>Mining</li> <li>Taxation</li> <li>Other Canadian legislative requirements</li> </ul> <p>We are pleased to be able to make this <a href="/-/media/files/kh-general/stikeman-elliott---blockchain--cryptocurrency-regulation-2024.ashx">16-page publication</a> available for downloading.</p>03-Nov-2023 05:04:00{6A88AEB3-A18A-4D7A-9B1D-9E9F23E35309}https://stikeman.com/en-ca/kh/insurance-law/osfis-draft-security-and-integrity-guideline-whats-expected-of-frfis-and-whenAndrew S. Cunninghamhttps://stikeman.com/en-ca/people/c/andrew-s-cunninghamStuart S. Carruthershttps://stikeman.com/en-ca/people/c/stuart-s-carruthersInsurance Law UpdateFinancial Services UpdateOSFI’s Draft Security and Integrity Guideline: What’s Expected of FRFIs and When?<p><strong>On October 13, 2023, OSFI released its draft </strong><a rel="noopener noreferrer" target="_blank" href="https://www.osfi-bsif.gc.ca/Eng/fi-if/rg-ro/gdn-ort/gl-ld/Pages/is-si.aspx"><strong>Integrity and Security Guideline</strong></a><strong> (“Guideline”).</strong><strong> The Guideline, which would layer new and expanded expectations over existing applicable guidance, would apply to all Federally Regulated Financial Institutions (“FRFIs”), including foreign bank and insurance company branches in relation to their Canadian business.</strong></p> <p>The consultation period is short, with <a rel="noopener noreferrer" target="_blank" href="https://www.osfi-bsif.gc.ca/Eng/osfi-bsif/med/Pages/e21-is-nr.aspx"><strong>responses due by November 24, 2023</strong></a>. OSFI will issue the final Guideline by January 31, 2024.</p> <h2>Background</h2> <p>The Guideline follows amendments to FRFI statutes in Bill C-47, the <a rel="noopener noreferrer" target="_blank" href="https://www.parl.ca/DocumentViewer/en/44-1/bill/C-47/second-reading"><em>Budget Implementation Act</em></a>, which received Royal Assent on June 22, 2023. In effect as of January 1, 2024, the amendments extend OSFI’s mandate to include the supervision of FRFIs to determine whether they have established policies and procedures adequate to protect against threats to integrity and security, including foreign interference. Among other things, this requires OSFI to assess FRFIs with respect to their adoption of adequate policies and procedures at least once per year.</p> <h2>Key Concepts</h2> <p>The concepts of <strong>integrity</strong> and <strong>security</strong> ground the 10 principles set out in the Guideline. As noted below, the subject matter of many of the principles is already considered in existing and pending OSFI guidelines: in those cases, the new Guideline is intended to complement the existing guidance rather than as a replacement for it.</p> <h3>Integrity Principles</h3> <h4>1. Character</h4> <p><em>Senior leaders are of good character and demonstrate integrity through their words, actions, and decisions.</em></p> <p>See also <a rel="noopener noreferrer" target="_blank" href="https://www.osfi-bsif.gc.ca/Eng/fi-if/rg-ro/gdn-ort/gl-ld/Pages/E17_final.aspx">Guideline E-17: Background Checks on Directors and Senior Management</a>.</p> <h4>2. Culture</h4> <p><em>Culture consistent with ethical norms is deliberately shaped, evaluated and maintained. </em></p> <p>While this does not mean that there is one “ideal culture”, all organizations should strive for a culture that reflects a commitment to ethical behaviour.</p> <p>See also <a rel="noopener noreferrer" target="_blank" href="https://www.osfi-bsif.gc.ca/Eng/fi-if/rg-ro/gdn-ort/gl-ld/Pages/cbrsk_dft.aspx">OSFI’s draft Culture and Risk Behaviour Guideline</a>, as discussed in <a rel="noopener noreferrer" target="_blank" href="https://www.stikeman.com/en-ca/kh/insurance-law/osfi-releases-draft-culture-and-behaviour-risk-guideline">our previous post</a>.</p> <h4>3. Governance</h4> <p><em>Governance structures subject actions, omissions, and decisions to appropriate scrutiny and promote ethical behaviour.</em></p> <p>This includes (among others) effective governance of all important decisions, oversight of senior leaders, conflict of interest policies and codes of conduct applying to all staff and backed up with regular training.</p> <p>See also OSFI’s <a rel="noopener noreferrer" target="_blank" href="https://www.osfi-bsif.gc.ca/Eng/fi-if/rg-ro/gdn-ort/gl-ld/Pages/CG_Guideline.aspx">Corporate Governance Guideline</a> and, in the case of foreign banks and insurers, <a rel="noopener noreferrer" target="_blank" href="https://www.osfi-bsif.gc.ca/Eng/fi-if/rg-ro/gdn-ort/gl-ld/Pages/e4.aspx">Guideline E-4: Foreign Entities Operating in Canada on a Branch Basis</a>.</p> <h4>4. Compliance</h4> <p><em>Effective mechanisms to identify and verify compliance with standards, regulations, and the law exist.</em></p> <p>Key compliance requirements include (among others) the establishment of an enterprise-wide Regulatory Compliance Management (“RCM”) Framework to evaluate actions, omissions and decisions against applicable laws, regulations and standards, while also providing channels for feedback and whistleblowing.</p> <p>See also <a rel="noopener noreferrer" target="_blank" href="https://www.osfi-bsif.gc.ca/Eng/fi-if/rg-ro/gdn-ort/gl-ld/Pages/e13.aspx">Guideline E-13: Regulatory Compliance Management</a>.</p> <h3>Security Principles</h3> <h4>5. Physical premises</h4> <p><em>Physical premises are safe and secure and monitored appropriately.</em></p> <p>This includes not only office space but other sensitive areas such as file storage locations and technology assets. Security inspections, including sweeps for covert devices, should be carried out at intervals appropriate to the “threat environment”.</p> <p>See also <a rel="noopener noreferrer" target="_blank" href="https://www.osfi-bsif.gc.ca/Eng/fi-if/rg-ro/gdn-ort/gl-ld/Pages/b13.aspx">Guideline B-13: Technology and Cyber Risk Management</a> and <a rel="noopener noreferrer" target="_blank" href="https://www.osfi-bsif.gc.ca/Eng/fi-if/rg-ro/gdn-ort/gl-ld/Pages/e21-dft.aspx">draft Guideline E-21: Operational Risk Management and Operational Resilience</a>.</p> <h4>6. People</h4> <p><em>People should be subject to appropriate background checks and security screening, and strategies should be put in place to manage risk</em>.</p> <p>Security controls should be established to ensure that individuals in the organization are not under undue influence, foreign interference or involved in malicious activity. The extent of security screening will depend on factors such as authority, seniority and access to sensitive information. The Guideline provides general guidance on the nature of the necessary background checks.</p> <p>See also <a rel="noopener noreferrer" target="_blank" href="https://www.osfi-bsif.gc.ca/Eng/fi-if/rg-ro/gdn-ort/gl-ld/Pages/E17_final.aspx">Guideline E-17: Background Checks on Directors and Senior Management</a>.</p> <h4>7. Technology assets</h4> <p><em>Technology assets should be secure, with weaknesses identified and addressed, effective defences in place, and issues identified accurately and promptly.</em></p> <p>See also <a rel="noopener noreferrer" target="_blank" href="https://www.osfi-bsif.gc.ca/Eng/fi-if/rg-ro/gdn-ort/gl-ld/Pages/b13.aspx">Guideline B-13: Technology and Cyber Risk Management</a>.</p> <h4>8. Data and information</h4> <p><em>Data and information should be subject to appropriate standards and controls ensuring its confidentiality, integrity, and availability.</em></p> <p>Data security should be in place at all stages of the data life-cycle. Data should be classified with respect to its vulnerability and data access by personnel should be restricted accordingly, with mechanisms in place to detect unauthorized access.</p> <p>See also <a rel="noopener noreferrer" target="_blank" href="https://www.osfi-bsif.gc.ca/Eng/fi-if/rg-ro/gdn-ort/gl-ld/Pages/b13.aspx">Guideline B-13: Technology and Cyber Risk Management</a>.</p> <h4>9. Third-party risks</h4> <p><em>Third parties should be subject to equivalent and proportional measures to protect against threats.</em></p> <p>This principle requires consideration of potential security risks posed by third parties such as contractors and their subcontractors. It states, among other things, that accountability for outsourced business functions remains with the financial institution. It also recommends transparent procurement processes with objective selection and decision-making procedures.</p> <p>See also <a rel="noopener noreferrer" target="_blank" href="https://www.osfi-bsif.gc.ca/Eng/fi-if/rg-ro/gdn-ort/gl-ld/Pages/b10_dft_2022.aspx">Guideline B-10: Third-Party Risk Management</a>.</p> <h4>10. Undue influence, foreign interference, and malicious activity</h4> <p><em>Threats stemming from undue influence, foreign interference, and malicious activity should be promptly detected and reported.</em></p> <p>OSFI has additional expectations for threats involving undue influence, foreign influence or malicious activity. Measures should be in place to detect such threats promptly and to ensure that investigations are confidential and independent. Instances involving foreign interference should be reported to the RCMP, CSIS and OSFI.</p> <h2>Timing Issues</h2> <p>On October 20, 2023, <a rel="noopener noreferrer" target="_blank" href="https://www.osfi-bsif.gc.ca/Eng/fi-if/rg-ro/gdn-ort/gl-ld/Pages/is-si-faq.aspx">OSFI published a FAQ</a> document clarifying a number of issues, including some relating to timing. While the legislation is effective January 1, 2024, the Guideline may not be finalized until the end of that month. In the interim, FRFIs should ensure that they have adequate policies and procedures in place to protect against threats to their integrity and security, follow all relevant existing Guidelines, and meet specific expectations in the Guideline, such as the expectation that foreign interference, undue influence and malicious activity be promptly reported to law enforcement (see Principle 10, above).</p> <p>FRFIs must immediately develop adequate policies and procedures for <strong>all new risk areas identified in the Guideline</strong>. However, they are <strong>not</strong> expected to meet expectations in the Guideline, prior to its finalization, other than those that are specific and actionable without further guidance. In other words, they must address the new risk areas but do not have to do so in accordance with expectations for which further guidance is required, some of which are referred to in <a rel="noopener noreferrer" target="_blank" href="https://www.osfi-bsif.gc.ca/Eng/osfi-bsif/med/sp-ds/Pages/ty20231013.aspx?utm_source=osfi-bsif&utm_medium=email&utm_campaign=osfi-bsif-email">remarks by OSFI Assistant Superintendent Tolga Yalkin</a>, published on October 23, 2023, including character assessment of board members and senior management. The FAQs note that required background checks do not have to have been conducted by January 1, 2024. Timelines for the completion of background checks will be announced later.</p> <p>The FAQs state that FRFIs are not expected to meet expectations in <strong>existing guidelines</strong> before their effective dates.</p> <h2>Foreign Operations</h2> <p>In addition, the FAQs state that nothing in the Guideline prevents a FRFI from operating in any foreign jurisdiction.</p>24-Oct-2023 02:13:00{77B1E365-6708-4FCE-94F0-80DDAA574856}https://stikeman.com/en-ca/kh/insurance-law/osfi-releases-new-supervisory-framework-for-frfis-and-pension-plansStuart S. Carruthershttps://stikeman.com/en-ca/people/c/stuart-s-carruthersAndrew S. Cunninghamhttps://stikeman.com/en-ca/people/c/andrew-s-cunninghamInsurance Law UpdateFinancial Services UpdateOSFI Releases New Supervisory Framework for FRFIs and Pension Plans<p><strong>On October 4, 2023, the Office of the Superintendent of Financial Institutions (“OSFI”) </strong><a rel="noopener noreferrer" target="_blank" href="https://www.osfi-bsif.gc.ca/eng/osfi-bsif/rep-rap/blueprint-plan-directeur/Pages/supervision-surveillance-let.aspx?utm_source=osfi-bsif&utm_medium=email&utm_campaign=osfi-bsif-email"><strong>released details</strong></a><strong> of a new </strong><a rel="noopener noreferrer" target="_blank" href="https://www.osfi-bsif.gc.ca/eng/osfi-bsif/rep-rap/blueprint-plan-directeur/Pages/supervision-surveillance-let.aspx?utm_source=osfi-bsif&utm_medium=email&utm_campaign=osfi-bsif-email"><strong>supervisory framework</strong></a><strong> (“New Framework”) that will apply as of April 1, 2024 to federally-regulated financial institutions (“FRFIs”) and pension plans. This initiative is part of OSFI’s comprehensive “</strong><a rel="noopener noreferrer" target="_blank" href="https://www.osfi-bsif.gc.ca/Eng/osfi-bsif/rep-rap/Pages/bl-pd.aspx"><strong>Blueprint</strong></a><strong>” transformation program, and will be the most comprehensive update to OSFI’s supervisory framework in the last 25 years. OSFI will publish more information about the New Framework in early 2024.</strong></p> <p>OSFI has constructed the New Framework to give it the flexibility it considers it needs to respond to the current risk environment, with a particular focus on:</p> <ul> <li>macro-economic risks that may impact FRFIs and pension plans;</li> <li>new business models; and</li> <li>new risks, including non-financial risks.</li> </ul> <p>A more analytic and data-driven approach to risk supervision will be an important element of the New Framework, allowing for more timely responses to potential issues.</p> <h2>Expanded Risk Ratings</h2> <p>Under the New Framework, OSFI will supplement its existing intervention stage ratings with three new or expanded ratings:</p> <ul> <li>A rating based on size, complexity and potential for contagion;</li> <li>A “viability risk” rating on an 8-point scale; and</li> <li>Specific ratings for business risk, financial resilience, operational resilience and risk governance (for large institutions only).</li> </ul> <p>The switch-over to the New Framework is not expected to have an immediate effect on existing intervention ratings. However, because the New Framework is designed to be more responsive to changes in the risk environment, financial institutions should be prepared for more frequent fluctuations in their ratings – a change that OSFI anticipates will assist the institutions’ own efforts to respond more effectively to potential issues.</p> <h2>Enhancing OSFI’s Capacity</h2> <p>OSFI’s basic approach will continue to be, in OSFI’s view, forward-looking and principles-based, but the New Framework includes a review of best practices of prudential regulators in other jurisdictions as well as a Supervision Institute that will focus on skills development for OSFI’s supervisory staff, particularly with respect to new tools and technologies.</p> <h2>Going Forward</h2> <p>OSFI is committed to providing more information about timelines and requirements well in advance of the New Framework’s April 1, 2024 implementation date, and has released a <a rel="noopener noreferrer" target="_blank" href="https://www.youtube.com/watch?v=3yAoK1pGNmc">video discussing OSFI’s supervisory priorities</a>. Those interested in learning more may wish to attend a <a rel="noopener noreferrer" target="_blank" href="https://osfibsif.qualtrics.com/jfe/form/SV_5AZdmSQ0jnWXgqi">webinar for regulated financial institutions</a> that OSFI is holding on November 2 and 9, 2023.</p>10-Oct-2023 02:36:00{F0872313-9BA0-489C-A9FF-80CFBC0AF670}https://stikeman.com/en-ca/kh/canadian-securities-law/csa-publish-derivatives-data-reporting-transition-guidanceAlix d'Anglejan-Chatillonhttps://stikeman.com/en-ca/people/d/alix-d-anglejan-chatillonRamandeep K. Grewalhttps://stikeman.com/en-ca/people/g/ramandeep-k-grewalCanadian Securities LawCanadian Structured Finance LawFinancial Services UpdateCSA Publish Derivatives Data Reporting Transition Guidance <p><strong>A</strong><strong>mendments to swap data reporting rules are expected to be implemented by the Commodity Futures Trading Commission</strong><strong> (CFTC) in December 2022. The Canadian Securities Administrators (CSA) have issued guidance to market participants for the interim transition period where reporting counterparties will be subject to new global standards in some jurisdictions but not others. </strong></p> <p>The harmonized international derivatives data standards developed by the Committee on Payments Market Infrastructure led by the Bank of International Settlements and the International Organization of Securities Commissions (CPMI-IOSCO) are currently in the process of being implemented by securities regulators globally and are expected to be implemented by the CSA jurisdictions into their derivatives trade reporting rules (Trade Reporting Rules) in 2024. We previously wrote about <a rel="noopener noreferrer" target="_blank" href="https://www.stikeman.com/en-ca/kh/canadian-securities-law/csa-seek-comments-on-enhanced-otc-derivatives-data-reporting-amendments">proposed amendments</a> to the Trade Reporting Rules which were published earlier this year by the CSA on June 9, 2022 (CSA Proposed Amendments), and which included updated data elements to align with the recommended CPMI-IOSCO global standards. Due to the difference in timing of implementation of the CFTC and the CSA amended requirements, there will be a transition period (Transition) during which certain reporting counterparties will be subject to revised reporting requirements of the CFTC but not in Canada. <a rel="noopener noreferrer" target="_blank" href="https://www.osc.ca/sites/default/files/2022-11/csa_20221110_96-303_derivatives-data-reporting-transition-guidance.pdf">CSA Staff Notice 96-303 <em>Derivatives Data Reporting Transition Guidance</em></a> provides guidance to market participants to facilitate reporting during the Transition.</p> <h2>Transition Guidance</h2> <p>Derivatives data that is reportable under the current Trade Reporting Rules, but is not reportable under the CFTC amendments (such as the jurisdiction of a local counterparty), will continue to be reportable under the Trade Reporting Rules during the Transition period. </p> <p>During the Transition period, provided the designated or recognized trade repository supports the reporting of revised data elements required by the CFTC:</p> <ul> <li>market participants may comply with Trade Reporting Rules if they report data according to a CFTC data element that is comparable to the relevant data element in in Appendix A to the Trade Reporting Rules; and</li> <li>derivatives data that is reportable only under CFTC amendments but not under the current Trade Reporting Rules, is not reportable unless market participants choose to report this data if the relevant data element has been proposed in the CSA Proposed Amendments (such as daily margin data).</li> </ul> <p>Designated or recognized trade repositories are not required to support the option for market participants to be able to report revised data elements. As such it is recommended that market participants contact their trade repositories to understand their approach to the different reporting requirements as a result of the timing of the implementation the CFTC amendments. </p>Tue, 22 Nov 2022 12:00:00 Z22-Nov-2022 09:24:00{A53566EA-FA3B-42FE-ABA6-41ECA12D330A}https://stikeman.com/en-ca/kh/canadian-securities-law/virtual-currency-regulation-in-canada-the-legal-and-regulatory-framework-for-2023Ramandeep K. Grewalhttps://stikeman.com/en-ca/people/g/ramandeep-k-grewalAlix d'Anglejan-Chatillonhttps://stikeman.com/en-ca/people/d/alix-d-anglejan-chatillonÉric Lévesquehttps://stikeman.com/en-ca/people/l/eric-levesqueChristian Vieirahttps://stikeman.com/en-ca/people/v/christian-vieiraCanadian Securities LawCorporations & Commercial Law UpdateInsurance Law UpdateFinancial Services UpdateTax Law UpdateVirtual Currency Regulation in Canada: The Legal and Regulatory Framework for 2023<p>Four Stikeman Elliott lawyers recently updated the <a href="/-/media/files/kh-general/the-law-reviews--the-virtual-currency--regulation-review-2022.ashx">Canada chapter</a> of The Virtual Currency Regulations (5<sup>th</sup> edition), published by <a rel="noopener noreferrer" href="https://www.lbresearch.com/" target="_blank">Law Business Research Ltd</a>. This chapter provides an excellent overview of the rapidly developing area of law in Canada, focusing on the following topics:</p> <ul> <li>Introduction to the Legal and Regulatory Framework</li> <li>Anti-Money Laundering</li> <li>Other Legislative Requirements</li> <li>Criminal and Civil Fraud Enforcement</li> <li>Tax</li> <li>Regulation of Miners</li> </ul> <p>We are pleased to be able to make this <a href="/-/media/files/kh-general/the-law-reviews--the-virtual-currency--regulation-review-2022.ashx">12-page publication</a> available for downloading.</p>Mon, 07 Nov 2022 12:00:00 Z07-Nov-2022 02:32:00{FBB70C31-2E89-4996-AEC7-A95626257C26}https://stikeman.com/en-ca/kh/financial-services/blockchain-and-cryptocurrency-understanding-canadas-regulatory-regimeAlix d'Anglejan-Chatillonhttps://stikeman.com/en-ca/people/d/alix-d-anglejan-chatillonRamandeep K. Grewalhttps://stikeman.com/en-ca/people/g/ramandeep-k-grewalÉric Lévesquehttps://stikeman.com/en-ca/people/l/eric-levesqueFinancial Services UpdateTax Law UpdateCanadian Securities LawCanadian Technology & IP LawBlockchain and Cryptocurrency: Understanding Canada’s Regulatory Regime<p>Three partners from our Toronto and Montreal offices recently updated the Canada chapter of the <em><a href="/-/media/files/kh-general/blockchain--cryptocurrency-regulation-2023.ashx">Blockchain & Cryptocurrency Regulations 2023</a></em>, published by <a rel="noopener noreferrer" target="_blank" href="https://www.globallegalinsights.com/">Global Legal Insights</a>. This chapter provides an excellent overview of the rapidly developing area of law in Canada, focusing on the following topics:</p> <ul> <li>Cryptocurrency regulation</li> <li>Sales regulation</li> <li>Ownership and licensing requirements</li> <li>Promotion and testing</li> <li>Money transmission laws and anti-money laundering requirements</li> <li>Reporting requirements</li> <li>Border restrictions</li> <li>Mining</li> <li>Taxation</li> <li>Other Canadian legislative requirements</li> </ul> <p>We are pleased to be able to make this <a href="/-/media/files/kh-general/blockchain--cryptocurrency-regulation-2023.ashx">11-page publication</a> available for downloading.</p>Tue, 01 Nov 2022 11:00:00 Z01-Nov-2022 05:46:00{0908E28B-DF4F-4B4D-9A42-88B07C2C1470}https://stikeman.com/en-ca/kh/canadian-securities-law/coinsquare-capital-markets-ltd-is-admitted-to-iiroc-membership-the-first-crypto-trading-platformRamandeep K. Grewalhttps://stikeman.com/en-ca/people/g/ramandeep-k-grewalAlix d'Anglejan-Chatillonhttps://stikeman.com/en-ca/people/d/alix-d-anglejan-chatillonIrena Ninkovichttps://stikeman.com/en-ca/people/n/irena-ninkovicCanadian Securities LawFinancial Services UpdateCoinsquare Capital Markets Ltd. is Admitted to IIROC Membership: The First Crypto Trading Platform to Become a Registered Investment Dealer in Canada<p><strong>On October 12, 2022, Coinsquare Capital Markets Ltd. (CCML) was approved as a member of the Investment Industry Regulatory Organization of Canada (IIROC), the Canadian SRO for investment dealers. This is the first crypto-asset trading platform (CTP) to become a fully registered investment dealer and IIROC member firm enabling it to offer trading in Crypto Contracts to retail investors under the current joint regulatory initiative of the Canadian Securities Administrators (CSA) and IIROC to regulate CTPs under the existing securities regulatory framework.</strong></p> <h2>Background</h2> <p>On March 29, 2021, the CSA and IIROC published <a rel="noopener noreferrer" target="_blank" href="https://www.osc.ca/sites/default/files/2021-03/csa_20210329_21-329_compliance-regulatory-requirements.pdf"><em>Joint Staff Notice 21-329 Guidance for Crypto-Asset Trading Platforms: Compliance with Regulatory Requirements</em></a> (Joint Staff Notice 21-329) requiring CTPs dealing in crypto assets that are securities (Security Tokens) or instruments or contracts involving crypto assets that the CSA view as securities or derivatives (Crypto Contracts) to obtain membership with IIROC and registration as investment dealers and, in some cases, as regulated marketplaces. Joint Staff Notice 21-329 provides for a two-year transition period during which CTPs may apply for registration as restricted dealers under National Instrument 31-103 <em>Registration Requirements, Exemptions and Ongoing Registrant Obligations</em> while they work towards full investment dealer registration and IIROC membership. Since the publication of the Joint Staff Notice 21‑329, several CTPs have been granted <a rel="noopener noreferrer" target="_blank" href="https://www.osc.ca/en/industry/registration-and-compliance/registered-crypto-asset-trading-platforms">restricted dealer registrations</a> along with corollary exemptive relief.</p> <p>In contrast to these other platforms, CCML applied directly for investment dealer registration and, under a framework of terms and conditions negotiated with IIROC and the CSA, it is now the first CTP to become an IIROC-registered investment dealer and marketplace member in Canada that offers trading in Crypto Contracts to retail investors.</p> <h2>Registration, Exemptions, Terms and Conditions</h2> <p>The <a rel="noopener noreferrer" target="_blank" href="https://www.iiroc.ca/news-and-publications/notices-and-guidance/coinsquare-capital-markets-ltd">approval of CCML's membership in IIROC</a> is accompanied by exemptive relief from certain IIROC Rules that IIROC indicates are designed to accommodate the CTP’s business model while seeking to ensure investor protection and fair and efficient capital markets. In particular, the IIROC Board of Directors provided:</p> <ul> <li>relief from the requirement under <a rel="noopener noreferrer" target="_blank" href="https://www.iiroc.ca/rules-and-enforcement/iiroc-rules/4000/4456-financial-institution-bond">IIROC Rule 4456</a> to maintain financial institution bond (FIB) insurance providing coverage for all types of losses specified in that Rule; and</li> <li>relief from the requirement under <a rel="noopener noreferrer" target="_blank" href="https://www.iiroc.ca/rules-and-enforcement/iiroc-rules/4000/4342-hold-securities-acceptable-securities-location">IIROC Rule 4342</a> that client assets must be held at an Acceptable Securities Location (as defined in <a rel="noopener noreferrer" target="_blank" href="https://www.iiroc.ca/rules-and-enforcement/iiroc-rules/4000/4341-definitions">IIROC Rule 4341</a>). This relief is granted for an initial period of one year and may be extended at IIROC’s discretion. The exemption is subject to Tetra Trust Company (Tetra), one of CCML’s custodians, adhering to various operational commitments made to CCML.</li> </ul> <p>The exemptive relief attempts to address some of the more contentious issues that CTPs are facing in fulfilling the securities regulatory requirements that are imposed on conventional registered dealers, namely, insurance and custody requirements. As a condition to obtaining the exemptive relief, CCML was required to provide representations and undertakings to the effect that CCML:</p> <ul> <li>must obtain an FIB insurance policy that includes an endorsement pertaining to losses of crypto assets once one becomes available to CCML;</li> <li>must obtain a Vault Risk Policy pertaining to crypto assets held at another of CCML’s custodians, Coinbase Custody Trust, LLC (“Coinbase”) with the terms and conditions of the policy acceptable to IIROC;</li> <li>must fund a CCML Trust Account, maintained at a Canadian bank, trust company or other acceptable institution<a href="#_edn1" name="_ednref1"><sup>[i]</sup></a>, dedicated to covering an amount greater than or equal to IIROC’s minimum FIB insurance coverage formula for client assets that are not held at CCML’s custodian, Coinbase;</li> <li>is prohibited from using client free credit cash balances to fund the CCML Trust Account; and</li> <li>must ensure and regularly confirm to IIROC that Coinbase and Tetra comply with various custodian-related requirements, including maintaining a net worth in excess of C$100 million, obtaining a SOC 2 Type 2 report annually, and providing annual audited financial statements, etc.</li> </ul> <p>CCML also obtained <a rel="noopener noreferrer" target="_blank" href="https://www.osc.ca/en/securities-law/orders-rulings-decisions/coinsquare-capital-markets-ltd">exemptive relief</a> (the “CSA Relief”) from the securities regulators in all provinces and territories from certain prospectus, trade reporting requirements and marketplace requirements applicable to alternative trading systems (ATS). The terms and conditions of the CSA Relief are similar to those imposed upon other CTPs in connection with their restricted dealer registrations.</p> <p>CCML’s IIROC membership and accompanying exemptions were granted shortly after the CSA announced that CTPs that continue to operate in Canada while they take steps to comply with applicable securities legislation as outlined in Joint Staff Notice 21-329, are now expected to provide a pre-registration undertaking to their principal regulators to continue operations while their applications are underway. CCML filed the <a rel="noopener noreferrer" target="_blank" href="https://www.osc.ca/sites/default/files/2022-08/pre-reg-undertaking_20220810_coinsquare-capital-markets-limited.pdf">pre-registration undertaking</a> on August 10, 2022. The undertaking contained representations similar to the terms and conditions now embedded in the CSA Relief.</p> <p>To date, only one other CTP, <a rel="noopener noreferrer" target="_blank" href="https://www.osc.ca/sites/default/files/2022-08/pre-reg-undertaking_20220803_foris-dax.pdf">Foris Dax, Inc. (operating as Crypto.com</a>) has filed a pre-registration undertaking.</p> <hr /> <p><a href="#_ednref1" name="_edn1">[i]</a> Acceptable institution is defined in <a rel="noopener noreferrer" target="_blank" href="https://www.iiroc.ca/media/17151/download?inline">IIROC Form 1</a>.</p>Mon, 24 Oct 2022 11:00:00 Z21-Oct-2022 07:25:00{85124D17-CCE1-4830-9A27-91038827EAD1}https://stikeman.com/en-ca/kh/competitor/canadas-economic-sanctions-and-anti-terrorism-laws-a-guideShawn C.D. Neylanhttps://stikeman.com/en-ca/people/n/shawn-c-d-neylanLaura Rowehttps://stikeman.com/en-ca/people/r/laura-roweThe CompetitorCanadian Energy LawCorporations & Commercial Law UpdateFinancial Services UpdateCanada’s Economic Sanctions and Anti-Terrorism Laws: A Guide<p><strong>Economic sanctions and anti-terrorism laws are having increasing impact on day-to-day business operations for companies in many industries and have also become an important area of diligence for equity transactions and financings. All companies with a nexus to Canada should be aware of these laws and their responsibilities thereunder and take appropriate risk-based steps directed towards compliance. </strong></p> <p>Canada has a broad range of economic sanctions and anti-terrorism laws targeting certain foreign states and some of their nationals, as well as various terrorist organizations. These laws are generally stated as being binding on individuals and entities when in Canada as well as on Canadian citizens and Canadian-incorporated businesses when they are or are operating outside Canada. These laws prohibit dealings with designated individuals, entities or organizations and in some cases have sector-specific or country or region-specific prohibitions or other limitations such as export controls in addition to those under the Export and Import Permits Act. They often impose reporting obligations regarding property of designated persons and in some cases impose periodic screening and reporting obligations on regulated financial institutions and other businesses.</p> <p>Our Guide to <em>Canada’s Economic Sanctions and Anti-Terrorism Laws</em>  provides an overview of Canada’s economic sanctions and anti-terrorism laws and a summary of potential measures that businesses can implement to enhance their compliance regime.</p> <p><em><a href="/-/media/files/kh-guides/canada’s-economic-sanctions-and-anti-terrorism-laws.ashx">Click here for a copy of the Guide</a></em></p> <p><em><a href="/-/media/files/kh-guides/canada’s-economic-sanctions-and-anti-terrorism-laws.ashx"></a></em>Note: This Guide was originally published on March 2, 2022. It has been updated following the numerous developments with respect to Canada’s economic sanctions laws which have occurred since Russia’s invasion of Ukraine in late February 2022. </p>14-Sep-2022 06:23:00{D94B101D-EB4E-4705-BA64-F72549B64C6C}https://stikeman.com/en-ca/kh/canadian-technology-ip-law/bill-c26-introducing-canadas-critical-cyber-systems-protection-actDanielle Miller Olofssonhttps://stikeman.com/en-ca/people/m/danielle-miller-olofssonCanadian Technology & IP LawCanadian Energy LawCorporations & Commercial Law UpdateFinancial Services UpdateBill C-26: Introducing Canada’s Critical Cyber Systems Protection Act<p><strong>On June 14, 2022, the Government of Canada introduced</strong><a rel="noopener noreferrer" target="_blank" href="https://www.parl.ca/DocumentViewer/en/44-1/bill/C-26/first-reading"><strong> Bill C-26, <em>An Act Respecting Cyber Security</em></strong></a><strong> which, among other things, seeks to enact the <em>Critical Cyber Systems Protection Act</em> (“CCSPA”). The </strong><a rel="noopener noreferrer" target="_blank" href="https://www.canada.ca/en/public-safety-canada/news/2022/06/protecting-critical-cyber-systems.html"><strong>“Backgrounder” that accompanies the Bill</strong></a><strong> explains that the CCSPA “addresses longstanding gaps in the Government’s ability to protect the vital services and systems Canadians depend on” by enabling it to (in the words of the Backgrounder): </strong></p> <ul> <li>Designate services and systems that are vital to national security or public safety in Canada as well as the operators or classes of operators responsible for their protection;</li> <li>Ensure that designated operators are protecting the cyber systems that underpin Canada’s critical infrastructure;</li> <li>Ensure that cyber incidents that meet or exceed a specific threshold are reported;</li> <li>Compel action by organizations in response to an identified cyber security threat or vulnerability; and</li> <li>Ensure a consistent cross-sectoral approach to cyber security in response to the growing interdependency of cyber systems.</li> </ul> <p>To accomplish its objective, the CCSPA proposes to impose new compliance and reporting duties on certain classes of federally regulated personal, partnership, or unincorporated organizations in sectors that are deemed vital to Canadian security (“Designated Operators”), as well as severe penalties for non-compliance by the Designated Operators and their directors and officers.</p> <h2>Compliance Duties</h2> <p>The CCSPA would require Designated Operators to</p> <ul> <li>Establish a cyber security program;</li> <li>Notify appropriate regulators of certain events;</li> <li>Mitigate supply-chain and third-party risks;</li> <li>Immediately report cyber security incidents; and</li> <li>Maintain compliance records.</li> </ul> <p>It would also allow the Governor in Council to issue cyber security directions to address immediate threats and vulnerabilities.</p> <h3>Cyber security program</h3> <p>Although the Bill has not yet identified specific Designated Operators in its Schedule 2, once the Governor in Council determines that an entity is a Designated Operator, the entity must, within 90 days, establish and make available to the appropriate regulator, a cyber security program in respect of its critical cyber systems (“<strong>CCS</strong>”s). A CCS is “a cyber system that, if its confidentiality, integrity or availability were compromised, could affect the continuity or security of a vital service or vital system”. The CCSPA provides a list of vital services or systems in its Schedule 1. These include:</p> <ul> <li>Telecommunications services;</li> <li>Interprovincial or international pipeline and power line systems;</li> <li>Nuclear energy systems;</li> <li>Transportation systems that are within the legislative authority of Parliament;</li> <li>Banking systems;</li> <li>Clearing and settlement systems.</li> </ul> <p>The Bill would require the Designated Operator’s cyber security program to:</p> <ul> <li>Identify and manage any organizational cyber security risks, including risks associated with the Designated Operator’s supply chain and its use of third-party products and services;</li> <li>Protect the Designated Operator’s CCS from being compromised.</li> <li>Detect any cyber security incidents (“CSI”) affecting, or having the potential to affect, its CCSs. The Bill defines a CSI as “an incident, including an act, omission or circumstance, that interferes or may interfere with: (a) the continuity or security of a vital service or vital system; or (b) the confidentiality, integrity or availability of the critical cyber system”;</li> <li>Minimize the impact of a CSI affecting its CCS; and</li> <li>Do anything that is prescribed by the regulation.</li> </ul> <p>Once the program has been established the Designated Operator must</p> <ul> <li>Inform the appropriate regulator in writing and,</li> <li>Implement and maintain the program.</li> </ul> <p>The program must be reviewed on a date specified by regulation or annually if no date is specified. The review must be completed within 60 days and any change to the program in response to the review communicated to the appropriate regulator within 30 days of the review’s completion. </p> <h3>Notification duties</h3> <p>The Bill would require Designated Operators to notify their appropriate regulators of an event involving: (a) any material change in the Designated Operator’s ownership or control; (b) any material change in the Designated Operator’s supply chain or use of third-party products; and (c) any circumstances prescribed in a regulation. The Designated Operator would also be required to inform the appropriate regulator of any change to its cyber security program as a result of events mentioned in (a) to (c) within 90 days of providing notification of the event.</p> <h3>Mitigation of supply-chain and third-party risks</h3> <p>If a Designated Operator were to identify a cyber security risk associated to a supply-chain or a third-party product or service, the Bill would require the Designated Operator to take reasonable steps to mitigate the risk.</p> <h3>Reporting</h3> <p>A Designated Operator would also be required to report immediately a CSI affecting any of its CCSs first to the Communications Security Establishment and then to the appropriate regulator.</p> <h3>Record keeping</h3> <p>The Bill would require a Designated Operator to keep a record of the following information in Canada at any place prescribed by the regulation or at the Designated Operator’s place of business:</p> <ul> <li>Any steps taken to implement its cyber security program;</li> <li>Every CSI reported to the Communications Security Establishment;</li> <li>Any steps taken to mitigate any supply chain or third party risks;</li> <li>Any measures to implement a cyber security direction; and</li> <li>Any matter prescribed by regulation.</li> </ul> <h3>Cyber security direction</h3> <p>Another feature that the Bill proposes is to allow the Governor in Council to issue a cyber security order to direct any Designated Operator or class of operators to comply with any measure for the purposes of protecting a CCS. In addition to the name or class of the Designated Operator, this order must specify the measures to be taken and the period within which they must be taken. Failure to comply with a cyber security direction could be punishable on conviction on indictment and subject to the sanctions described below.</p> <h2>Enforcement</h2> <p>To enforce the above compliance requirements, CCSPA proposes administrative penalties for violations and criminal sanctions for offenses. Both types of sanctions carry a three-year statute of limitation. Both provide for director and officer liability in the event the individual “directed, authorized, assented to, acquiesced in or participated in the commission of” the violation or offence. A violation or an offence that lasts for more than one day will be considered a separate offence for each day it is allowed to continue.</p> <p>Additionally, the following regulatory bodies would be given the power to enter a place – including a dwelling –, require internal audits, and order compliance orders: (i) the Superintendent of Financial Institutions, (ii) the Ministry of Industry, (iii) the Bank of Canada, (iv) the Canadian Nuclear Safety Commission, (v) the Canadian Energy Regulator, and (vi) the Ministry of Transport.</p> <p>As stated above the Bill proposes two types of sanctions depending on whether the breach of the CCSPA constitutes a violation or an offense. The draft legislation, however, precludes any activity that is proceeded against as a violation from being tried as an offence and vice versa. A violation, defined as any activity that contravenes the CCSPA, would be punishable by a financial monetary penalty of no more than $1 million for an individual and $15 million in any other case. An offence, defined as any breach of specific provisions such as those requiring the establishment of a cyber security program or the notice obligations, could be punishable either on summary conviction or on conviction on indictment. A summary conviction would result in either or both of a fine or a prison sentence of two years less a day for an individual or a fine for the entity involved. A conviction on indictment would result in (for an individual) a fine or a prison sentence of no more than five years (or both) or (for the entity involved) a fine. In both instances, the amount of any fine would be up to the discretion of the court.</p> <h2>Conclusion</h2> <p>Bill C-26 proposes compliance measures intended to protect CCSs in sectors that are deemed vital to Canadian security. The Bill has only passed first reading in the House of Commons and is thus not assured of implementation in its current form. If it is implemented “as is”, however, Bill C-26 will require additional compliance and record-keeping duties by private sector entities conducting business in these sectors. We will continue to follow the legislation as it proceeds through the legislative process (see the <a rel="noopener noreferrer" target="_blank" href="https://www.parl.ca/LegisInfo/en/bill/44-1/C-26">Parliament of Canada website</a> for the Bill’s current status). </p>Mon, 20 Jun 2022 11:00:00 Z20-Jun-2022 08:36:00{48DA8F7A-06EA-488A-B1A8-F18235DABBE4}https://stikeman.com/en-ca/kh/competitor/the-latest-developments-on-canada-s-sanctions-on-russiaShawn C.D. Neylanhttps://stikeman.com/en-ca/people/n/shawn-c-d-neylanThe CompetitorFinancial Services UpdateThe Latest Developments on Canada’s Sanctions on Russia<p><strong>In this post we look at the latest sanctions-related developments relating to the invasion of Ukraine. These restrictions are in addition to those already imposed in relation to Russia, Belarus and Ukraine under the </strong><a rel="noopener noreferrer" rel="noopener noreferrer" target="_blank" href="https://laws-lois.justice.gc.ca/eng/acts/s-14.5/index.html"><strong><em>Special Economic Measures Act</em></strong></a><strong> (“SEMA”) as described in our blog posts of </strong><strong><a href="https://stikeman.com/en-ca/kh/competitor/canada-imposes-further-sanctions-on-russia-in-response-to-the-invasion-of-ukraine">February 25</a></strong><strong>, </strong><strong><a href="https://stikeman.com/en-ca/kh/competitor/canada-imposes-another-round-of-sanctions-on-russia-in-response-to-the-war-in-ukraine">March 3</a></strong><strong>, </strong><strong><a href="https://stikeman.com/en-ca/kh/competitor/further-canadian-responses-to-russias-invasion-of-ukraine">March 4</a></strong><strong>,<a href="https://stikeman.com/en-ca/kh/competitor/another-round-of-canadian-sanctions-on-russia-and-belarus"><strong> </strong><strong>March 15</strong></a></strong><strong>, </strong><strong><a href="https://stikeman.com/en-ca/kh/competitor/g7-financial-intelligence-units-cooperate-on-sanctions-on-russia">March 21, </a></strong><strong> and<a href="https://stikeman.com/en-ca/kh/competitor/update-on-canadas-sanctions-and-other-responses-to-russias-war-in-ukraine"><strong> </strong><strong>April 7, 2022</strong></a></strong><a rel="noopener noreferrer" rel="noopener noreferrer" target="_blank" href="https://stikeman.com/en-ca/kh/competitor/update-on-canadas-sanctions-and-other-responses-to-russias-war-in-ukraine">, <strong></strong></a><strong>.</strong></p> <p>As discussed below, the new developments include: </p> <ul> <li>More Russians and Ukrainians have become designated persons.</li> <li>New bans on the import and export of luxury goods have been imposed. There are two lists and the export list in particular is very broad.</li> <li>A new ban on the export of materials that have potential defence applications has been imposed. This list is very broad.</li> </ul> <h2>More Designated Russians and Ukrainians</h2> <p>Additional Russian and Ukrainian persons have been designated as follows:</p> <ul> <li>14 Russian individuals were designated on April 19.</li> <li>203 Ukrainian individuals were designated on April 26, apparently for being allied with Russia.</li> <li>21 Russian individuals were designated on May 13.</li> <li>19 Russian individuals and 5 Russian entities were designated on May 6.</li> <li>14 Russian individuals were designated on May 18.</li> </ul> <h2>Luxury Goods Export Ban</h2> <p>On May 18, the <a rel="noopener noreferrer" rel="noopener noreferrer" target="_blank" href="https://www.international.gc.ca/world-monde/international_relations-relations_internationales/sanctions/russia_regulations-reglement_russie18.aspx?lang=eng">SEMA Russia Regulations were amended</a> to include a ban on the export, sale, supply or shipment of any scheduled luxury good to Russia or to any person in Russia. A wide range of products are subject to the export ban including, for example, certain specified alcoholic beverages, tobacco products, perfumes, cosmetics, plastics, clothing, ornamental products, luggage and handbags, furs, silk, carpets, textiles, blankets, tents, sails, lifejackets, footwear, headgear, tableware and kitchenware, ceramic houseware such as bathroom fixtures, glassware, pearls, diamonds and other gems, silver, gold, jewelry, internal combustion engines including outboard engines, hydraulic engines, portable computers, passenger vehicles for travelling on snow, golf carts, passenger vehicles, motorcycles, wrist and pocket watches, grand pianos, artist and cosmetic brushes, pens, paintings and other art, postage stamps, biological, numismatic and archaeological articles and collections and antiques.</p> <p>The descriptions of the products are technical and reference should be made to the regulations to determine if any particular product is subject to this ban.</p> <h2>Luxury Goods Import Ban</h2> <p>On May 18, the <a rel="noopener noreferrer" rel="noopener noreferrer" target="_blank" href="https://www.international.gc.ca/world-monde/international_relations-relations_internationales/sanctions/russia_regulations-reglement_russie18.aspx?lang=eng">SEMA Russia Regulations were amended</a> to include a ban on the import, purchase or acquisition of any scheduled luxury good from Russia or from any person in Russia. A wide range of products are subject to the export ban including, for example, certain specified fish, crustaceans, caviar, alcoholic beverages and diamonds.</p> <p>The descriptions of the products are technical and reference should be made to the regulations to determine if any particular product is subject to this ban.</p> <h2>Goods for Manufacture of Weapons Ban</h2> <p>On May 18, the <a rel="noopener noreferrer" rel="noopener noreferrer" target="_blank" href="https://www.international.gc.ca/world-monde/international_relations-relations_internationales/sanctions/russia_regulations-reglement_russie18.aspx?lang=eng">SEMA Russia Regulations were amended</a> to include a ban on the export, sale, supply or shipment of any scheduled goods to Russia or to any person in Russia. Some of the specified goods related to the manufacture of weapons but others do not. This ban is in addition to restrictions on various military, dual use and other goods and technology under the <a rel="noopener noreferrer" rel="noopener noreferrer" target="_blank" href="https://laws-lois.justice.gc.ca/eng/acts/e-19/"><em>Export and Import Permits Act</em></a>. Examples of goods subject to this new SEMA ban include certain specified tungsten, boron, tellurium, bandaging materials, lubricants, catalysts, aluminum, tantalum, bismuth, titanium, rhenium, niobium, diesel engines, pumps, air conditioners, cranes, forklifts, industrial robots, bulldozers, front-end loaders, machinery with a 360 degree rotating structure, pile drivers, rock cutters, tunnelling machinery, boring machinery, tamping machinery, concrete mixers, ball bearings, electrical machinery, tractors, transport vehicles, drilling derricks, tanks, drones, aircraft, helicopters, spacecraft, ships, cameras, projectors, medical and surgical instruments, oxygen therapy apparatuses, X-ray equipment, liquid and gas measurement devices, other measuring instruments, thermostats and medical and surgical furniture such as operating tables.</p> <p>The descriptions of the products are technical and reference should be made to the regulations to determine if any particular product is subject to this ban.</p> <h2>Conclusion</h2> <p>Canada continues to dial up its sanctions response to Russia’s invasion of Ukraine. The restrictions as a whole are clearly impacting Canadian businesses. It is important for Canadian businesses to monitor developments and determine if their business is in compliance with any new restrictions that may be imposed.</p>01-Jun-2022 06:58:00{6ED73B8D-44DD-4DE1-9E9A-538060DD49E0}https://stikeman.com/en-ca/kh/competitor/disclosure-obligations-under-canadian-economic-sanctions-and-anti-terrorism-laws-a-primerShawn C.D. Neylanhttps://stikeman.com/en-ca/people/n/shawn-c-d-neylanThe CompetitorCorporations & Commercial Law UpdateFinancial Services UpdateDisclosure Obligations Under Canadian Economic Sanctions and Anti-Terrorism Laws: A Primer<p><strong>In this post we discuss disclosure obligations under Canadian economic sanctions and anti-terrorism laws, including in respect of financial services providers. </strong></p> <p>As discussed below:</p> <ul> <li>There are disclosure obligations that are applicable to all persons in Canada and all Canadians outside of Canada.</li> <li>Certain financial services providers are subject to a continuing obligation to determine whether they are in possession or control of property of a designated person and subject to requirements to file regulatory reports with their primary regulator pursuant to <em>Criminal Code</em> and <em>Sergei Magnitsky Law.</em></li> <li>FINTRAC reporting requirements are distinct from reporting requirements under Canada’s economic sanctions and anti-terrorism laws.</li> </ul> <h2>Generally Applicable Disclosure Obligations</h2> <p>Most economic sanctions are imposed on a jurisdiction-by-jurisdiction basis under the <a rel="noopener noreferrer" rel="noopener noreferrer" target="_blank" href="https://laws-lois.justice.gc.ca/eng/acts/s-14.5/index.html"><em>Special Economic Measures Act</em></a> and the <a rel="noopener noreferrer" rel="noopener noreferrer" target="_blank" href="https://laws-lois.justice.gc.ca/eng/acts/u-2/index.html"><em>United Nations Act</em></a>. However, restrictions similar to economic sanctions are imposed under the <a rel="noopener noreferrer" rel="noopener noreferrer" target="_blank" href="https://laws-lois.justice.gc.ca/eng/acts/F-31.6/index.html"><em>Freezing Assets of Corrupt Foreign Officials Act</em></a>, economic sanctions in respect of terrorists are imposed under the <a rel="noopener noreferrer" rel="noopener noreferrer" target="_blank" href="https://laws-lois.justice.gc.ca/eng/acts/c-46/"><em>Criminal Code</em></a> (as well as the <em>United Nations Act</em>) and economic sanctions in respect of individuals for engaging in gross human rights violations or significant acts of corruption are imposed under the <a rel="noopener noreferrer" rel="noopener noreferrer" target="_blank" href="https://laws.justice.gc.ca/eng/acts/J-2.3/"><em>Justice for Victims of Corrupt Foreign Officials Act (Sergei Magnitsky Law)</em></a>. Persons listed in these sanctions are generally referred to as designated persons or listed persons.</p> <p>Almost all of these sanctions have generally applicable disclosure obligations that require persons in Canada and Canadians outside of Canada to disclose without delay to the Royal Canadian Mounted Police (or, alternatively, in some cases, the Canadian Security Intelligence Service (“CSIS”)):</p> <ul> <li><strong>property in their possession or control</strong> that is owned or controlled by a designated person (in some cases this explicitly includes a requirement in respect of property owned or controlled by a person that is owned or controlled by a designated person); and</li> <li><strong>information about a transaction or proposed transaction</strong> in respect of any such property.</li> </ul> <h2>Continuing Duty to Determine</h2> <p>Most of the above-noted sanctions regimes also impose an obligation on a wide range of financial services providers <strong>to determine on a continuing basis whether they are in possession or control of property owned, held or controlled by or on behalf of a designated person</strong>. These entities include banks, credit unions and caisses populaires, insurance companies, trust companies, loan companies, money services businesses (in some cases) and entities authorized under provincial legislation to engage in the business of dealing in securities or to provide portfolio management or investment counselling services (“Federally or Provincially Authorized Entities”).</p> <p>Combined with the generally applicable disclosure obligations discussed above, the continuing duty to determine is intended to result in <strong>prompt disclosure to law enforcement (or CSIS in some cases)</strong> by specified financial services providers. However, not all specified financial services providers are either persons in Canada or Canadians outside of Canada. In particular, some Provincially Authorized Entities are non-Canadian entities located outside of Canada without any personnel in Canada. While such entities are subject to the continuing duties to determine, they are not subject to the generally appliable disclosure obligations except, potentially, if they have another relevant nexus to Canada.</p> <h2>Financial Services Provider Regulatory Filing Requirements</h2> <p>Two of Canada’s economic sanctions and anti-terrorism laws, namely the <em>Criminal Code</em> and the <em>Justice for Victims of Corrupt Foreign Officials Act (Sergei Magnitsky Law)</em>, impose additional regulatory reporting requirements on specified financial services providers, including in some cases non-Canadian entities that are not subject to the generally applicable disclosure obligations.</p> <p>The <em>Criminal Code</em> requires that a specified financial services provider must report monthly to the principal agency or body that supervises or regulates it under federal or provincial law either:</p> <ul> <li>that it <strong>is not</strong> in possession or control of any property owned or controlled by a listed terrorist entity; or</li> <li>that it <strong>is</strong> in possession or control of such property, in which case it must also report the number of persons, contracts or accounts involved and the total value of the property.</li> </ul> <p>Thus, in many cases, monthly “nil” reports are required to be filed.</p> <p>The <em>Sergei Magnitsky Law</em> requires that if a specified financial services provider determines that it is in possession or control of any property of a person designated under that statute it must disclose without delay, and once every three months after that, to the principal agency or body that supervises or regulates it under federal or provincial law the fact that it is in possession or control of the property, the number of persons or dealings involved and the total value of the property.</p> <p>Because a wide range of financial services providers are subject to specific financial service provider regulatory filing requirements with the regulatory body that oversees their business, it follows that a wide range of regulators receive such reports. While some regulators have published forms that are intended to assist parties with filing requirements, in practice it is not always clear exactly what information is required to be filed. When making filings to comply with requirements imposed under the <em>Criminal Code</em> and the <em>Sergei Magnitsky Law</em>, it is helpful to refer to the provision that imposes the requirement, in order to better understand what information is required.</p> <h2>Asset Freezing and FINTRAC Reporting Obligations</h2> <p>This note focusses on disclosure obligations under economic sanctions and anti-terrorism laws. It is important to note that such laws also impose restrictions on dealing with designated persons as well as sectoral and geographic restrictions. In addition, it is important to keep in mind that obligations to report suspicious transactions to FINTRAC pursuant to the <a rel="noopener noreferrer" rel="noopener noreferrer" target="_blank" href="https://lois-laws.justice.gc.ca/eng/acts/P-24.501/"><em>Proceeds of Crime (Money Laundering) and Terrorist Financing Act</em></a> are distinct from the obligations discussed in this note.</p> <h2>Conclusion</h2> <p>Disclosure obligations under Canada’s economic sanctions and anti-terrorism laws can in some cases be a significant burden on businesses. This is particularly true of financial services providers that are subject to more onerous requirements. Nevertheless, it is important for affected businesses to ensure that they have the processes in place to comply with such obligations, as a failure to comply can lead to criminal charges.</p>28-Apr-2022 03:25:00{17DB0D30-0E0C-48E1-9FE0-45B268EABB95}https://stikeman.com/en-ca/kh/competitor/update-on-canadas-sanctions-and-other-responses-to-russias-war-in-ukraineShawn C.D. Neylanhttps://stikeman.com/en-ca/people/n/shawn-c-d-neylanThe CompetitorCanadian Energy LawCorporations & Commercial Law UpdateFinancial Services UpdateUpdate on Canada’s Sanctions and Other Responses to Russia’s War in Ukraine<p><strong>In this post we look at the latest sanctions-related developments relating to the invasion of Ukraine. These restrictions are in addition to those already imposed in relation to Russia, Belarus and Ukraine under the </strong><a rel="noopener noreferrer" rel="noopener noreferrer" target="_blank" href="https://laws-lois.justice.gc.ca/eng/acts/s-14.5/index.html"><strong><em>Special Economic Measures Act</em></strong></a><strong> (“SEMA”) as described in our blog posts of </strong><a rel="noopener noreferrer" rel="noopener noreferrer" target="_blank" href="https://www.stikeman.com/en-ca/kh/competitor/canada-imposes-further-sanctions-on-russia-in-response-to-the-invasion-of-ukraine"><strong>February 25</strong></a><strong>, </strong><a rel="noopener noreferrer" rel="noopener noreferrer" target="_blank" href="https://www.stikeman.com/en-ca/kh/competitor/canada-imposes-another-round-of-sanctions-on-russia-in-response-to-the-war-in-ukraine"><strong>March 3</strong></a><strong>, </strong><a rel="noopener noreferrer" rel="noopener noreferrer" target="_blank" href="https://www.stikeman.com/en-ca/kh/competitor/further-canadian-responses-to-russias-invasion-of-ukraine"><strong>March 4</strong></a>, <a rel="noopener noreferrer" rel="noopener noreferrer" target="_blank" href="https://www.stikeman.com/en-ca/kh/competitor/another-round-of-canadian-sanctions-on-russia-and-belarus"><strong>March 15</strong></a><strong> and </strong><a rel="noopener noreferrer" rel="noopener noreferrer" target="_blank" href="https://www.stikeman.com/en-ca/kh/competitor/g7-financial-intelligence-units-cooperate-on-sanctions-on-russia"><strong>March 21</strong></a><strong>. </strong></p> <p>As discussed below, the new developments include:</p> <ul> <li>The issuance by FINTRAC of guidance on compliance with money laundering laws as they may relate to sanctions evasion by persons designated under economic sanctions laws;</li> <li>More Russians and Belarusians have become designated persons;</li> <li>New prohibitions in relation to restricted goods and technology;</li> <li>The withdrawal by Export Development Canada (“EDC”) of export finance support for Russia and Belarus (EDC will continue to support Ukraine); and</li> <li>The prohibition of insurance and reinsurance in relation to Russian and Belarusian aircraft.</li> </ul> <h2>FINTRAC Issues Special Bulletin on Russia-linked Money Laundering Related to Sanctions Evasion</h2> <p>We <a rel="noopener noreferrer" rel="noopener noreferrer" target="_blank" href="https://www.stikeman.com/en-ca/kh/competitor/g7-financial-intelligence-units-cooperate-on-sanctions-on-russia">previously reported</a> that FINTRAC entered into <a rel="noopener noreferrer" rel="noopener noreferrer" target="_blank" href="https://fintrac-canafe.canada.ca/new-neuf/nr/2022-03-16-eng">a statement of intent</a> with the financial intelligence units of the other G7 members, as well as those of Australia, New Zealand and the Netherlands, to enhance financial intelligence on sanction-related matters and associated financial flows and economic activities. FINTRAC has since issued a <a rel="noopener noreferrer" rel="noopener noreferrer" target="_blank" href="https://fintrac-canafe.canada.ca/intel/bulletins/rlml-eng">Special Bulletin</a> on that topic. Highlighting the potential application of Canadian <strong>money-laundering and proceeds of crime laws</strong> to sanctions violations, the Special Bulletin notes that:</p> <ul> <li>Attempts to evade sanctions imposed against Russian individuals and entities are likely to be conducted through the use of intermediary jurisdictions to set up complex networks of shell and front companies (often registered to addresses in offshore financial centres or tax havens) and non-resident bank accounts (generally located in jurisdictions known to cater to Russian-speaking customers).</li> <li>In order for money laundering to occur in the context of sanctions evasion, the sanctions evasion would either need to be attempted or committed using proceeds of crime (as defined in the <em>Criminal Code</em>, which includes proceeds of crimes committed outside of Canada), or the sanctions evasion would need to give rise to or generate proceeds of crime that would then be laundered or attempted to be laundered.</li> <li>Alternative financial channels – among them, cryptocurrencies and other emerging financial technologies – may also play an important role in Russia-linked illicit financial flows related to the proceeds of crime.</li> </ul> <p>The Special Bulletin describes several <strong>risk factors</strong> that may be relevant to assessing money laundering risks any particular case:</p> <ul> <li>The involvement of legal firms, including company service providers based in offshore financial centres, that have historically specialized in Russian clientele or in transactions associated with Russian elites and their associates.</li> <li>A pattern of shell companies registered in traditional tax havens conducting international wire transfers using financial institutions in jurisdictions distinct from the company’s registration (i.e., non-resident banking) and associated with Russian financial flows.</li> <li>Jurisdictions with low barriers to set up shell companies as general trading companies with particular attention being paid to entities located in international trade hubs with noted anti-money laundering deficiencies, including the 23 jurisdictions <a rel="noopener noreferrer" rel="noopener noreferrer" target="_blank" href="https://www.fatf-gafi.org/publications/high-risk-and-other-monitored-jurisdictions/documents/increased-monitoring-march-2022.html">recently highlighted by the Financial Action Task Force</a> (which include the Cayman Islands, Turkey and the UAE) or in jurisdictions that have seen a recent decline in accountable governance and democratic development (which is a rather general consideration of potentially wide application but still worth considering when assessing compliance risk).</li> <li>Accounts with financial institutions or in jurisdictions associated with Russian financial flows that are experiencing a sudden rise in the value being transferred to their respective institutions or areas, without a clear economic or business rationale. The Special Bulletin also states that some Russia-linked individuals and entities have been known to use real-estate transactions for money laundering purposes.</li> </ul> <h2>More Russians and Belarusians Have Been Designated</h2> <p>Canada has designated more Russians and Belarusians under its economic sanctions laws. Currently there are 735 Russian individuals and 136 Russian entities that have been sanctioned by Canada under SEMA. In the case of Belarus, 146 Belarusian individuals and 37 Belarusian entities are currently sanctioned under SEMA.</p> <h2>Restricted Goods and Technologies List</h2> <p>The SEMA Russia and Belarus Regulations now include, subject to certain exceptions, prohibitions on exporting, selling, supplying or shipping any goods on the <a rel="noopener noreferrer" rel="noopener noreferrer" target="_blank" href="https://www.international.gc.ca/world-monde/international_relations-relations_internationales/sanctions/goods_gechnologies-marchandises_technologies.aspx?lang=eng">Restricted Goods and Technology List</a> or to provide any technology on that list to Russia or Belarus or to any person in Russia or Belarus.</p> <h2>Withdrawal of Export Finance Support</h2> <p>Export Development Canada together with the export credit agencies of the U.K. and the U.S. <a rel="noopener noreferrer" rel="noopener noreferrer" target="_blank" href="https://www.edc.ca/en/about-us/newsroom/ukef-edc-usexim-joint-statement.html">have withdrawn new export finance support for Russia and Belarus</a> while retaining such support for Ukraine.</p> <h2>Prohibition on Insurance for Russian and Belarusian Aircraft</h2> <p>Canada has prohibited the provision of insurance or reinsurance to Russia or any person in Russia in relation to goods described in Chapter 88 of the Harmonized Commodity Description and Coding System, published by the World Customs Organization, or in relation to technology for a good described in that chapter. This mainly relates to aircraft and spacecraft.</p> <h2>Conclusion</h2> <p>Canada continues to enact new restrictions in relation to Russia’s war in Ukraine. Compliance with such laws, and also with money laundering laws that may be triggered in relation to sanctions evasion, continues to be important for Canadian businesses.</p>07-Apr-2022 07:15:00{7A3D3BC2-6553-4D9A-A1DF-438882B44CDB}https://stikeman.com/en-ca/kh/competitor/g7-financial-intelligence-units-cooperate-on-sanctions-on-russiaShawn C.D. Neylanhttps://stikeman.com/en-ca/people/n/shawn-c-d-neylanThe CompetitorCanadian Energy LawFinancial Services UpdateCorporations & Commercial Law UpdateG7 Financial Intelligence Units Cooperate on Sanctions on Russia<p><strong>In the latest sanctions-related developments, Canada’s FINTRAC has agreed to work with other financial intelligence units in relation to sanctions and related anti-money laundering, while Canada has also imposed an additional set of sanctions on Belarusians. These restrictions are in addition to those already imposed in relation to Russia, Belarus and Ukraine under the <em>Special Economic Measures Act</em> as described in our blog posts of </strong><strong><a href="https://stikeman.com/en-ca/kh/competitor/canada-imposes-further-sanctions-on-russia-in-response-to-the-invasion-of-ukraine">February 25</a></strong><strong>, </strong><strong><a href="https://stikeman.com/en-ca/kh/competitor/canada-imposes-another-round-of-sanctions-on-russia-in-response-to-the-war-in-ukraine">March 3</a></strong><strong>, </strong><strong><a href="https://stikeman.com/en-ca/kh/competitor/further-canadian-responses-to-russias-invasion-of-ukraine"><strong>March 4</strong><strong> </strong></a>and </strong><strong><a href="https://stikeman.com/en-ca/kh/competitor/another-round-of-canadian-sanctions-on-russia-and-belarus"><strong>March 15</strong><strong>.</strong></a></strong></p> <h2>Financial Intelligence Units to Focus on Sanctions Violations and Related AML Concerns</h2> <p>FINTRAC has entered into <a rel="noopener noreferrer" target="_blank" href="https://fintrac-canafe.canada.ca/new-neuf/nr/2022-03-16-eng">a statement of intent</a> with the financial intelligence units of the other G7 members, as well as those of Australia, New Zealand and the Netherlands. The statement shows that there is agreed intent to enhance financial intelligence on sanction-related matters and associated financial flows and economic activities. This is likely to assist law enforcement authorities in these jurisdictions in investigations of potential sanctions violations as well as related potential money-laundering offences. This may signal greater scrutiny and (potentially) investigation and prosecution of economic sanctions violations than was the case in Canada before Russia’s invasion of Ukraine. Greater cooperation between these jurisdictions will make it more difficult for persons designated under sanctions to successfully liquidate assets and move proceeds of sale.</p> <p>The development also highlights the potential application of Canadian money-laundering and proceeds of crime laws to sanctions violations. In particular, proceeds of transactions that are in breach of Canadian or other jurisdictions’ sanctions laws could be determined to be funds that were obtained or derived directly or indirectly from an offence. Canadian criminal law prohibits persons from using, transferring, sending or delivering such proceeds in order to either conceal or convert such proceeds if they know or believe, or are reckless as to whether they were derived from crime.</p> <p>It is important to understand that proof of intent to conceal is not required if intent to convert is proved. Conversion could be shown, for example if the funds were used to buy an asset or converted into a fiat or cryptocurrency. It will therefore be prudent for Canadian businesses to take steps to ensure that proffered funds that are potentially related to designated persons are not proceeds from transactions that are prohibited under sanctions laws.</p> <h2>More Belarusians Designated by Canada</h2> <p>In yet another round of sanctions imposed by Canada in relation to Russia’s war in Ukraine, 22 Belarusian individuals have been designated and are thus subject to a general dealing prohibition. These appear to generally be government officials.</p> <h2>Conclusion</h2> <p>The statement of intent issued by FINTRAC and its partner financial intelligence units is a harbinger of future law enforcement in relation to Canadian and other economic sanctions violations including under anti-money laundering laws. This provides yet another impetus for Canadian businesses to promptly take steps to ensure that they are in compliance with the many new sanctions imposed by Canada in relation to Russia’s war in Ukraine.</p>21-Mar-2022 03:38:00{61D1E725-70AF-489B-B838-3A5655EF6EAF}https://stikeman.com/en-ca/kh/competitor/another-round-of-canadian-sanctions-on-russia-and-belarusShawn C.D. Neylanhttps://stikeman.com/en-ca/people/n/shawn-c-d-neylanThe CompetitorCanadian Energy LawFinancial Services UpdateCorporations & Commercial Law UpdateAnother Round of Canadian Sanctions on Russia and Belarus and Higher Scrutiny for Russian Investment in Canada<p><strong>Canada has imposed further sanctions and an investment ban on Russia due to its continuing invasion of Ukraine. These restrictions are in addition to those already imposed in the <em>Special Economic Measures (Russia) Regulations</em> as described in our blog posts of </strong><strong><a href="https://stikeman.com/en-ca/kh/competitor/canada-imposes-further-sanctions-on-russia-in-response-to-the-invasion-of-ukraine">February 25</a></strong><strong>, </strong><strong><a href="https://stikeman.com/en-ca/kh/competitor/canada-imposes-another-round-of-sanctions-on-russia-in-response-to-the-war-in-ukraine">March 3</a></strong><strong> and </strong><strong><a href="https://stikeman.com/en-ca/kh/competitor/further-canadian-responses-to-russias-invasion-of-ukraine">March 4</a></strong><strong>. Sanctions have also been imposed on Belarus. </strong></p> <h2>Ban on Russian Vessels in Force</h2> <p>The <a rel="noopener noreferrer" rel="noopener noreferrer" target="_blank" href="https://www.international.gc.ca/world-monde/international_relations-relations_internationales/sanctions/russia_regulations-reglement_russie7.aspx?lang=eng">Canadian government has now prohibited</a> “any person to dock in Canada or pass through Canada any ship that is registered in Russia or used, leased or chartered, in whole or in part, by or on behalf of or for the benefit of Russia, a person in Russia or a designated person, unless such docking or passage is necessary to safeguard human life or to ensure navigational safety.</p> <h2>Ban on Russian Oil in Force</h2> <p>The <a rel="noopener noreferrer" rel="noopener noreferrer" target="_blank" href="https://www.international.gc.ca/world-monde/international_relations-relations_internationales/sanctions/russia_regulations-reglement_russie8.aspx?lang=eng">Canadian government has now prohibited</a> any person in Canada and any Canadian outside Canada to import, purchase or acquire any petroleum or related oils or petroleum gas or related gases, wherever situated, from Russia or from any person in Russia.</p> <h2>More Designated Russians and Belarusians</h2> <p>Thirty-two more Russian entities and forty more Russian individuals have been designated and are therefore subject to a general dealing prohibition.</p> <p>Nineteen Belarusian individuals have been designated in relation to the war in Ukraine. The Belarusians previously sanctioned under the pre-existing sanctions on Belarus were designated in relation to human rights violations in Belarus. Twenty-five Belarusian entities have been designated and are thus subject to a general dealing prohibition.</p> <h2>Russian Investments in Canada to Face Higher Scrutiny</h2> <p>On March 8, 2022 the Government of Canada issued a <a rel="noopener noreferrer" rel="noopener noreferrer" target="_blank" href="https://www.ic.gc.ca/eic/site/ica-lic.nsf/eng/lk81228.html">Policy Statement on Foreign Investment Review and the Ukraine Crisis</a>, which states that approval of Russian acquisitions of control of Canadian businesses (where approval by the Minister of Industry or the Minister of Heritage is required under the <em>Investment Canada Act</em>) will be granted on an exceptional basis only.</p> <p>The Policy Statement also states that a determination by the Canadian government that an investment, regardless of its value, has ties, direct or indirect, to an individual or entity associated with, controlled by or subject to influence by the Russian state, “will support a finding” by the Minister that there are reasonable grounds to believe that the investment could be injurious to Canada’s national security as set out in <a rel="noopener noreferrer" rel="noopener noreferrer" target="_blank" href="https://laws-lois.justice.gc.ca/eng/acts/I-21.8/page-4.html#h-278745">Part IV.1 of the <em>Investment Canada Act</em></a>. This is the test for commencing a national security process under the <em>Investment Canada Act</em>. Thus all such investments are likely to receive higher scrutiny that might otherwise be the case.</p> <p>The Policy Statement recommends that all non-Canadian investors and Canadian businesses carefully review their investment plans to identify any potential connections to Russian investors and entities that may be involved in both controlling and minority investments. It is clear that the Canadian government will until further notice thoroughly scrutinize transactions for any Russian involvement.</p> <h2>Conclusion</h2> <p>Canada’s economic sanctions and other measures imposed on Russia and Belarus in response to Russia’s invasion of Ukraine continue to expand. This is posing significant challenges for Canadian businesses to quickly assess whether any counterparties have become designated and are thus subject to dealing prohibitions, breaches of which are subject to criminal prosecution. Such assessments must be conducted in order to avoid violating the law.</p>15-Mar-2022 02:58:00{8DEA66FE-843E-4D39-9707-01CC6ED3FAE1}https://stikeman.com/en-ca/kh/competitor/further-canadian-responses-to-russias-invasion-of-ukraineShawn C.D. Neylanhttps://stikeman.com/en-ca/people/n/shawn-c-d-neylanThe CompetitorCorporations & Commercial Law UpdateCanadian Energy LawFinancial Services UpdateFurther Canadian Responses to Russia’s Invasion of Ukraine<p><strong>Canada has imposed further restrictions on Russia due to its continuing invasion of Ukraine. These restrictions are in addition to those already imposed in the <em>Special Economic Measures (Russia) Regulations</em> as described in our blog posts of </strong><strong><a href="https://stikeman.com/en-ca/kh/competitor/canada-imposes-further-sanctions-on-russia-in-response-to-the-invasion-of-ukraine">February 25</a></strong><strong> and </strong><strong><a href="https://stikeman.com/en-ca/kh/competitor/canada-imposes-another-round-of-sanctions-on-russia-in-response-to-the-war-in-ukraine">March 3</a></strong><strong>. Russia and Belarus have lost their most favoured nation status under the Customs Tariff.</strong></p> <h2>Ban on Russian Vessels</h2> <p>The Canadian government has <a rel="noopener noreferrer" rel="noopener noreferrer" target="_blank" href="https://www.canada.ca/en/transport-canada/news/2022/03/government-of-canada-prohibits-russian-ships-and-fishing-vessels-from-entering-canadian-ports-and-internal-waters.html">announced</a> that it will ban Russian-owned or registered ships and fishing vessels from Canadian ports and internal waters through forthcoming regulations under the <a rel="noopener noreferrer" rel="noopener noreferrer" target="_blank" href="https://laws-lois.justice.gc.ca/eng/acts/s-14.5/index.html"><em>Special Economic Measures Act</em></a>.</p> <h2>Ban on Russian Oil</h2> <p>Russian oil and perhaps other related products will be banned by Canada <a rel="noopener noreferrer" rel="noopener noreferrer" target="_blank" href="https://www.canada.ca/en/natural-resources-canada/news/2022/02/government-of-canada-moves-to-prohibit-import-of-russian-oil.html">according to the Canadian government</a>. Historically Canada has imported small amounts of Russian oil.</p> <h2>Russia and Belarus Lose MFN Status</h2> <p>Russian and Belarus <a rel="noopener noreferrer" rel="noopener noreferrer" target="_blank" href="https://www.canada.ca/en/department-finance/news/2022/03/canada-cuts-russia-and-belarus-from-most-favoured-nation-tariff-treatment.html">have lost their most favoured nation status</a> under Canada’s Customs Tariff. The removal of MFN status for Belarus was stated to be based on Belarus’ support of the invasion of Ukraine by Russia. In general, this will result in a duty of 35% being assessed on imports from Russia and Belarus.</p> <h2>Potential Removal of RT From Canadian Distribution</h2> <p>The federal government has made an order requesting the Canadian Radio-television and Telecommunications Commission hold a hearing at an early date to determine whether the Russian state-controlled RT and RT France networks should be removed from the List of non-Canadian programming services and stations authorized for distribution.</p> <h2>Conclusion</h2> <p>Canada’s economic sanctions and other measures imposed on Russia, and now Belarus, in response to Russia’s invasion of Ukraine continue to expand. Cumulatively, these are likely to have a significant impact on Russia but will also in some cases have adverse consequences for Canadian businesses which must comply with Canadian economic sanctions.</p>04-Mar-2022 09:24:00{1E1C39A5-4AC8-4737-BB48-CB76E7A931CB}https://stikeman.com/en-ca/kh/competitor/canada-imposes-another-round-of-sanctions-on-russia-in-response-to-the-war-in-ukraineShawn C.D. Neylanhttps://stikeman.com/en-ca/people/n/shawn-c-d-neylanThe CompetitorCorporations & Commercial Law UpdateCanadian Energy LawFinancial Services UpdateCanada Imposes Another Round of Sanctions on Russia in Response to the War in Ukraine<p><strong>On February 28, 2022, Canada imposed another round of sanctions on Russia in the wake of its invasion of Ukraine. The new sanctions, the key elements of which are described below, are now effective. They were imposed under the </strong><a rel="noopener noreferrer" rel="noopener noreferrer" target="_blank" href="https://www.canlii.org/en/ca/laws/stat/sc-1992-c-17/latest/sc-1992-c-17.html"><strong><em>Special Economic Measures Act</em></strong></a><strong> by way of amendment to the <em>Special Economic Measures (Russia) Regulations</em> (the “Russia SEMA Regulations”). Our </strong><strong><a href="https://stikeman.com/en-ca/kh/competitor/canada-imposes-further-sanctions-on-russia-in-response-to-the-invasion-of-ukraine">earlier blog post</a></strong><strong> describes the prior round of sanctions introduced on February 24, 2022.</strong></p> <h2>Russia SEMA Regulations</h2> <p>The February 28, 2022 amendments to the Russia SEMA Regulations add the following:</p> <ol> <li>18 more individuals were added to the to the list of individuals that are subject to a general dealing prohibition, including Vladimir Putin, Sergei Shoigu and Sergei Lavrov – respectively the President, Minister of Defence and Minister of Foreign Affairs of the Russian Federation.</li> <li>Three entities that were in the February 24, 2022 round of sanctions made subject to a prohibition on new debt financings of any term were instead on February 28, 2022 made subject to a general dealing prohibition in an apparent rapid (4-day) rethink of policy. These entities are: <ol style="list-style-type: lower-alpha;"> <li>Central Bank of the Russian Federation;</li> <li>National Wealth Fund of the Russian Federation; and</li> <li>Ministry of Finance of the Russian Federation.</li> </ol> </li> </ol> <p>The February 28, 2022 amendments also added the Bank of Canada to the list of Canadian entities that are required to determine on a continuing basis whether they are in possession or control of property owned or controlled by or on behalf of a designated person who is subject to a general dealing prohibition (including for example the Central Bank of the Russian Federation). This is significant because the Bank of Canada is the first public sector entity to be made subject to this requirement.</p> <h2>Further Sanctions on Russia?</h2> <p>Canada has announced intentions to impose further sanctions on Russia, including banning Russian-owned or registered ships and fishing vessels from Canadian ports and internal waters.</p> <h2>Conclusion</h2> <p>Canada has imposed another round of sanctions on Russia. Additional persons are subject to general dealing prohibitions. Further Canadian sanctions on Russia are likely. Canadian businesses must comply with economic sanctions laws, including these new sanctions.</p>03-Mar-2022 02:56:00{D0586DB5-8279-422C-925B-95C1637E2519}https://stikeman.com/en-ca/kh/competitor/canada-imposes-further-sanctions-on-russia-in-response-to-the-invasion-of-ukraineShawn C.D. Neylanhttps://stikeman.com/en-ca/people/n/shawn-c-d-neylanThe CompetitorCorporations & Commercial Law UpdateCanadian Energy LawFinancial Services UpdateCanada Imposes Further Sanctions on Russia in Response to the Invasion of Ukraine<p>On February 24, 2022, Canada imposed additional sanctions on Russia in the wake of its invasion of Ukraine. The new sanctions, the key elements of which are described below, are now effective and were imposed under the <a rel="noopener noreferrer" rel="noopener noreferrer" target="_blank" href="https://www.canlii.org/en/ca/laws/stat/sc-1992-c-17/latest/sc-1992-c-17.html"><em>Special Economic Measures Act</em></a> by way of amendment to two sets of regulations:</p> <ul> <li>The Special Economic Measures (Russia) Regulations (the “Russia SEMA Regulations”); and</li> <li>The Special Economic Measures (Ukraine) Regulations (the “Ukraine SEMA Regulations”).</li> </ul> <h2>Russia SEMA Regulations</h2> <p>The February 24, 2022 amendments to the Russia SEMA Regulations add the following:</p> <p style="padding-left: 30px;">1. a prohibition on new debt financings of any term, with three entities designated pursuant to this prohibition:</p> <p style="padding-left: 60px;">a. Central Bank of the Russian Federation;<br /> b. National Wealth Fund of the Russian Federation; and<br /> c. Ministry of Finance of the Russian Federation.</p> <p style="padding-left: 30px;">2. 382 individuals to the existing list of 120 individuals that are subject to general dealing prohibitions; and</p> <p style="padding-left: 30px;">3. 28 entities to the existing list of 71 entities that are subject to a general dealing prohibition, including:</p> <p style="padding-left: 60px;">a. 16 Russian banks;<br /> b. Gazprom, Gazpromneft, Russian Direct Investment Fund and Alrosa.</p> <h2>Ukraine SEMA Regulations</h2> <p>The reason that there are regulations specifically in respect of Ukraine is that regulations were required in respect of territory that Canada considers to be part of the Ukraine but which has been annexed by Russia or is under its control. Before the February 24 amendments, this applied only to the Crimea region of Ukraine that was previously annexed by Russia. The February 24 amendments add the regions the regulations refer to as:</p> <ol> <li>“DNR region of Ukraine or the so-called Donetsk People’s Republic and the territory it controls in the Donetsk oblast of eastern Ukraine” (the “DNR Region”); and</li> <li>“LNR region of Ukraine means the so-called Luhansk People’s Republic and the territory it controls in the Luhansk oblast of eastern Ukraine” (the “LNR Region”).</li> </ol> <p>Regulations in respect of Ukraine were also required to sanction Ukrainian nationals who were considered by the Canadian government to be persons engaged in activities that directly or indirectly facilitate, support, provide funding for or contribute to a violation or attempted violation of the sovereignty or territorial integrity of Ukraine or that obstruct the work of international organizations in Ukraine or are related in some way to such persons.</p> <p>The February 24 amendments add restrictions in relation to the DNR and LNR Regions, similar to those already in force in relation to the Crimea region, including prohibitions on:</p> <ol> <li>the making of investments involving a dealing in property (falling within certain categories) that is located in those regions;</li> <li>the provision or acquisition of financial or other related services with respect to any such investment;</li> <li>the import, purchase or acquisition of goods, wherever situated, from those regions;</li> <li>the export of goods destined for those regions or the sale, supply or transfer of goods, wherever situated, to any person in those regions;</li> <li>the provision of technical assistance to either of those regions or any person in those regions; and</li> <li>the provision of financial or other services related to tourism to, or the acquisition of such services from, either of those regions or any person in either of those regions.</li> </ol> <p>Also, four persons were added to the list of persons that are subject to general dealing prohibitions.</p> <h2>Conclusion</h2> <p>Canada has imposed significant new sanctions on Russia and on the DNR and LNR Regions. Many additional persons are subject to general dealing prohibitions. Canadian businesses must comply with economic sanctions laws, including these new sanctions.</p> <p><em>The descriptions of sanctions in this post are simplified for purposes of discussion. Some of the provisions are technical in nature and potentially difficult to apply. This post should not be taken as legal advice. </em></p>25-Feb-2022 08:45:00{C25C88CB-FCE0-4EEC-9997-0B78C70C40B1}https://stikeman.com/en-ca/kh/corporations-commercial-law/ottawa-issues-emergencies-act-proclamation-order-and-regulationsShawn C.D. Neylanhttps://stikeman.com/en-ca/people/n/shawn-c-d-neylanPeter E. Hamiltonhttps://stikeman.com/en-ca/people/h/peter-e-hamiltonAlix d'Anglejan-Chatillonhttps://stikeman.com/en-ca/people/d/alix-d-anglejan-chatillonRamandeep K. Grewalhttps://stikeman.com/en-ca/people/g/ramandeep-k-grewalCorporations & Commercial Law UpdateCOVID-19 Legal ResourcesFinancial Services UpdateCanadian Securities LawOttawa Issues Emergencies Act Proclamation, Order and Regulations, Citing Blockades at Various Locations in Canada<h2>Executive Summary</h2> <p><strong>The steps that the Canadian government has recently taken under the <em>Emergencies Act</em> in relation to blockades that are stated to be occurring in places throughout Canada pose significant compliance challenges for financial services providers. Firstly, they are required to cease dealings with persons who have participated in certain newly prohibited activities, and it will be challenging for financial services providers to make these determinations. At this point, it is unclear whether government institutions will provide lists of names. Further, some financial services providers will have new reporting obligations to FINTRAC<sup><a href="#anchor_1645134140143">[1]</a></sup>. Platform fund raisers (e.g., crowdfunding platforms) and payment processors will also be required to register with FINTRAC as domestic or foreign “money services businesses” if not already registered.</strong></p> <p><strong>It is possible that the new rules will not be confirmed by Parliament or that there will be changes in the coming days and weeks. It will be important to stay abreast of developments. In the meantime, financial service providers will need to carefully assess their obligations pursuant to the steps taken under the <em>Emergencies Act.</em></strong></p> <h2>Background</h2> <p>In response to continuing protests and blockades in the city of Ottawa and at certain Canada-U.S. border crossings, and pursuant to the extraordinary powers granted to it under the <a rel="noopener noreferrer" rel="noopener noreferrer" target="_blank" href="https://canlii.ca/t/7vbm"><em>Emergencies Act</em></a>, the Government of Canada has <a rel="noopener noreferrer" rel="noopener noreferrer" target="_blank" href="https://www.gazette.gc.ca/rp-pr/p2/2022/2022-02-15-x1/html/sor-dors22-eng.html">ordered</a> that certain types of financial services providers – including banks, credit unions, insurers, foreign exchange business, fund remitters, virtual currency and securities dealers, platform fund raisers, payment processors and others – cease the provision of certain services that the Government believes are facilitating the blockades.</p> <p>Specifically, the order requires the financial services providers to immediately cease:</p> <p style="padding-left: 30px;">(a) dealing in any property, wherever situated, that is owned, held or controlled, directly or indirectly, by a designated person or by a person acting on behalf of or at the direction of that designated person;<br /> (b) facilitating any transaction related to a dealing referred to in paragraph (a);<br /> (c) making available any property, including funds or virtual currency, to or for the benefit of a designated person or to a person acting on behalf of or at the direction of a designated person; or<br /> (d) providing any financial or related services to or for the benefit of any designated person or acquire any such services from or for the benefit of any such person or entity.</p> <p>These restrictions are imposed under an <a rel="noopener noreferrer" rel="noopener noreferrer" target="_blank" href="https://www.gazette.gc.ca/rp-pr/p2/2022/2022-02-15-x1/html/sor-dors22-eng.html">order</a> (the “Order”) and <a rel="noopener noreferrer" rel="noopener noreferrer" target="_blank" href="https://www.gazette.gc.ca/rp-pr/p2/2022/2022-02-15-x1/html/sor-dors21-eng.html">regulations</a> (the “Regulations”) made by the government on February 15, 2022, following a <a rel="noopener noreferrer" rel="noopener noreferrer" target="_blank" href="https://orders-in-council.canada.ca/attachment.php?attach=41560&lang=en">proclamation</a> (the “Proclamation”) made under the <em>Emergencies Act </em>declaring that a public order emergency exists throughout Canada that necessitates the taking of special temporary measures for dealing with the emergency. While the restrictions imposed under the Regulations are accompanied by enforcement provisions designed to encourage compliance, and violations of the Order can be prosecuted under the <em>Criminal Code</em>, the requirements lack clarity, give rise to significant questions for affected entities and are likely to raise many legal issues. This note focusses on issues that are most likely to be of relevant to businesses.</p> <h2>Grounds for Declaring a Public Order Emergency</h2> <p>The Proclamation, made on February 14, 2022 and a necessary precursor to Order and Regulations, states that the public order emergency is constituted by:</p> <p style="padding-left: 30px;">(a) the continuing blockades by both persons and motor vehicles that is occurring at various locations throughout Canada and the continuing threats to oppose measures to remove the blockades, including by force, which blockades are being carried on in conjunction with activities that are directed toward or in support of the threat or use of acts of serious violence against persons or property, including critical infrastructure, for the purpose of achieving a political or ideological objective within Canada;<br /> (b) the adverse effects on the Canadian economy — recovering from the impact of the pandemic known as the coronavirus disease 2019 (COVID-19) — and threats to its economic security resulting from the impacts of blockades of critical infrastructure, including trade corridors and international border crossings;<br /> (c) the adverse effects resulting from the impacts of the blockades on Canada’s relationship with its trading partners, including the United States, that are detrimental to the interests of Canada;<br /> (d) the breakdown in the distribution chain and availability of essential goods, services and resources caused by the existing blockades and the risk that this breakdown will continue as blockades continue and increase in number, and<br /> (e) the potential for an increase in the level of unrest and violence that would further threaten the safety and security of Canadians.</p> <h2>Requirements Under the Order</h2> <p>While the Order requires that types of financial services providers listed above cease the prescribed activities in respect of designated persons, it does not provide a list of designated persons. Rather it defines “designated persons” as any individual or entity that is engaged, directly or indirectly, in an activity prohibited by sections 2 to 5 of the Regulations (a “Prohibited Activity”). While many financial services providers already screen counterparties for designated persons status under economic sanctions and anti-terrorism laws, such laws generally require the Government to provide the names of designated persons (hence their description as “designated”).</p> <h3>Identifying persons engaged in Prohibited Activities</h3> <p>The immediate challenge for financial service providers will be to assess what steps they must take to identify persons who are engaged directly or indirectly in a Prohibited Activity. The Order provides that Canadian federal, provincial and territorial institutions may disclose information to financial services providers described in the Order, if the disclosing institution is satisfied that the disclosure will contribute to the application of the Order. Presumably this disclosure will involve names of persons allegedly involved in Prohibited Activities. Financial services providers will, on receipt of such disclosure, have to decide whether to act on the basis of the information it contains – a decision that may present some serious challenges given that non-compliance with the Order is subject to prosecution.</p> <p>The RCMP has reportedly circulated a list of cryptocurrency wallets to financial service providers in order that these providers cease facilitating transactions in relation to the listed wallets. At this time, it is unclear whether names of persons have been provided. It would be understandable if the government has chosen not to name specific individuals on the basis that at this point they would merely be persons alleged by the government to have committed crimes, but who would not have been convicted of such crimes. However, leaving it to financial service providers to investigate their customers or to rely on lists of names, not set out in any law, that are provided by law enforcement or other government agencies is extraordinary, particularly given the potential to be prosecuted for dealing with such persons.</p> <p>Financial services providers described in the Order must also determine on a continuing basis whether they are in possession or control of property that is owned, held or controlled by or on behalf of a designated person. This likely requires daily screening by financial services providers of whatever names are available to them of persons who are allegedly engaged in Prohibited Activities.</p> <h3>Expanded FINTRAC MSB registration and reporting requirements</h3> <p>The Order also requires platform fund raisers (e.g., crowdfunding platforms) and payment processors to register with FINTRAC as “money services businesses” and report to FINTRAC the transactions and information similar to what is already required of money service providers, namely transactions of certain descriptions generally in the amount of C$10,000 or more, whether or not they are suspicious transactions. </p> <p>The <em>Proceeds of Crime (Money Laundering) and Terrorist Financing Act</em> and related regulations require that both Canadian and foreign businesses that are captured by the definitions of “money services business” (for domestic businesses) or “foreign money services business” register in that capacity with FINTRAC. </p> <p>In particular, under the Order, foreign crowdfunding and crypto trading platforms may be subject to registration as a “foreign money services business” if they are:</p> <p style="padding-left: 30px;">"persons and entities that do not have a place of business in Canada, that are engaged in the business of providing at least one of the following services that is directed at persons or entities in Canada, and that provide those services to their clients in Canada:</p> <p style="padding-left: 30px;">(i) foreign exchange dealing,<br /> (ii) remitting funds or transmitting funds by any means or through any person, entity or electronic funds transfer network,<br /> (iii) issuing or redeeming money orders, traveller’s cheques or other similar negotiable instruments except for cheques payable to a named person or entity,<br /> (iv) dealing in virtual currencies, or<br /> (v) any prescribed service”.</p> <h3>Requirements to report to the RCMP and CSIS</h3> <p>Financial services providers described in the Order must disclose without delay to the Commissioner of the Royal Canadian Mounted Police or to the Director of the Canadian Security Intelligence Service:</p> <p style="padding-left: 30px;">(a) the existence of property in their possession or control that they have reason to believe is owned, held or controlled by or on behalf of a designated person; and<br /> (b) any information about a transaction or proposed transaction in respect of property referred to in paragraph (a).</p> <p>It is noteworthy that the above-described provisions of the Order are apparently made under the authority in the <em>Emergencies Act</em> to make orders in relation to “the use of specified property”. Whether these provisions would be found by a Court to be lawfully made under that authority remains to be seen.</p> <h3>Immunity from civil proceedings for compliance with order</h3> <p>The Order also provides that no proceedings under the <em>Emergencies Act</em> and no civil proceedings lie against an entity for complying with the Order. Consequently, financial service providers may decide, possibly reluctantly in some cases, to act on lists of names provided by governmental institutions or other names that come to their attention as persons alleged to be engaged in Prohibited Activities.</p> <p>No punishment is specified by the Order. Contraventions can be prosecuted under s. 127(1) of the <em>Criminal Code</em>, which provides:</p> <p style="padding-left: 30px;">Every one who, without lawful excuse, disobeys a lawful order made by … a person or body of persons authorized by any Act to make or give the order, … is, unless a punishment or other mode of proceeding is expressly provided by law, guilty of<br /> (a) an indictable offence and liable to imprisonment for a term not exceeding two years; or<br /> (b) an offence punishable on summary conviction.</p> <p>The use of “disobeys” likely means that in a prosecution it would be necessary to prove <em>mens rea, </em>or criminal intent, which can be understood as a need to prove morally blameworthy conduct.</p> <h2>Provisions of the Regulations</h2> <p>The Regulations identify the following types of Prohibited Activities:</p> <h3>Public assemblies that may reasonably be expected to lead to a breach of the peace</h3> <p>The Regulations prohibit persons from participating in certain defined types of public assemblies (“Prohibited Assemblies”). The Regulations define such assemblies as those that may reasonably be expected to lead to a breach of the peace through:</p> <ol style="list-style-type: lower-alpha;"> <li>the serious disruption of the movement of persons or goods or the serious interference with trade;</li> <li>interference with the functioning of critical infrastructure; or</li> <li>support of the threat or use of acts of serious violence against persons or property.</li> </ol> <p>The Regulations define “critical infrastructure” broadly as any of the following infrastructure, including the land on which they may be located:</p> <ol style="list-style-type: lower-alpha;"> <li>airports, aerodromes, heliports, harbours, ports, piers, lighthouses, canals, railway stations, railways, tramway lines, bus stations, bus depots and truck depots;</li> <li>infrastructure for the supply of utilities such as water, gas, sanitation and telecommunications;</li> <li>international and interprovincial bridges and crossings;</li> <li>power generation and transmission facilities;</li> <li>hospitals and locations where COVID-19 vaccines are administered;</li> <li>trade corridors and international border crossings, including ports of entry, ferry terminals, customs offices, bonded warehouses, and sufferance warehouses.</li> </ol> <p>While in some cases it will be clear that a proposed public assembly would be prohibited by the Regulations (e.g., a proposed blockade of a border crossing, railway or airport operations), in others it will be uncertain (e.g., a proposed pedestrian protest along a street in a city that is intended to last for a few hours). Further, assembly participants may be charged with offences based on facts unknown to them at the time they determined to attend an assembly, whether such facts existed before the assembly or relate to what actually transpired, perhaps unexpectedly to some participants of an assembly. In many cases, therefore, it may be very difficult (or impossible) for financial services providers to assess whether a person alleged to have participated in a Prohibited Assembly is a “designated person” for purposes of the Order. As noted above, this may leave financial service providers to assess whether they should rely on names of persons provided by governmental institutions as having participated in a Prohibited Assembly when deciding which of the people they deal with should be regarded as “designated persons”.</p> <h3>Foreign nationals</h3> <p>The Regulations prohibit foreign nationals from entering Canada with the intent to participate in or facilitate an assembly that may reasonably be expected to lead to a breach of the peace in any of the ways specified by the Regulations.</p> <p>The difficulties posed for financial service providers to assess whether a client is a foreign national who has entered Canada with the intent to participate in an assembly are similar to those in relation to the prohibition in relation to public assemblies that are reasonably expected to lead to a breach of the peace.</p> <h3>Travel in relation to prohibited assemblies</h3> <p>The Regulations prohibit persons from travelling to or within an area where a Prohibited Assembly referred to in subsection 2(1) is taking place.</p> <p>This prohibition also raises challenges of application for persons who may be considering attending an assembly and for financial services providers in determining what is required to comply with the Order. For example, is travelling to a border crossing where a protest is expected in order to cross the border prohibited under the regulations? If a person finds themselves in an assembly that clearly becomes a Prohibited Assembly may that person travel through the area where the assembly is occurring with the intention of departing? </p> <h3>Supporting prohibited assemblies</h3> <p>The Regulations prohibit persons from directly or indirectly using, collecting, providing, making available or inviting a person to provide property to facilitate or participate in any Prohibited Assembly or for the purpose of benefiting any person who is facilitating or participating in such an activity.</p> <p>The Regulations also:</p> <ul> <li>Authorize the securing of various sites such as critical infrastructure, government buildings and war memorials; on February 17, 2022 it was reported that a fence was being erected around Parliament Hill.</li> <li>Require persons, for compensation, to make available and render the essential goods and services requested by the Minister of Public Safety and Emergency Preparedness, the Commissioner of the Royal Canadian Mounted Police or a person acting on their behalf for the removal, towing and storage of any vehicle, equipment, structure or other object that is part of a blockade.</li> </ul> <p>In the case of a failure to comply with the Regulations, any peace officer may take the necessary measures to ensure the compliance with these Regulations and with any provincial or municipal laws and allow for the prosecution for that failure to comply.</p> <p>This new power is likely intended to provide law enforcement with authority to end Prohibited Assemblies. In other words, in addition to the more usual law enforcement activities of investigating and laying charges in relation to unlawful actions, law enforcement will be empowered to enforce compliance with the law. Often these kinds of enforcement orders are made by courts. This will pose challenges for law enforcement, who will not be able to rely on a judicial decision and will instead need themselves to make a determination as to whether the law is being breached before taking actions to end assemblies. Law enforcement’s preference and ability to secure peaceful resolutions, without forcing compliance but with charges laid where warranted, can be seen in the conclusion of border blockades prior to the making of the Proclamation.</p> <p>The Regulations also create an offence for failure to comply with them. This is an offence created not by Parliament, but by Canada’s executive government. The penalty for failure to comply with the Regulations is:</p> <p style="padding-left: 30px;">(a) on summary conviction, to a fine not exceeding five hundred dollars or to imprisonment for a term not exceeding six months or to both; or<br /> (b) on indictment, to a fine not exceeding five thousand dollars or to imprisonment for a term not exceeding five years or to both.</p> <p>Of note is that the Regulations set out this punishment for mere failures to comply; they do not require that the failure be willful. This may indicate that Cabinet intends that these be strict liability offences, meaning that the prosecutor would not have to prove criminal intent or morally blameworthy conduct. A court will have to determine the nature of these offences and whether prosecutors will have to prove criminal intent.</p> <h2>Additional Background</h2> <h3>Key definitions</h3> <p>The <em>Emergencies Act</em> gives the Governor in Council, i.e., the Cabinet or Canada’s executive government, the power to make a proclamation that there is a public order emergency. This type of “emergency” is defined as arising from threats to the security of Canada that are so serious as to constitute a national emergency. “Threats to the security of Canada” is defined on the basis of the definition of that term in the <em>Canadian Security Intelligence Service Act</em>, namely:</p> <p style="padding-left: 30px;">(a) espionage or sabotage that is against Canada or is detrimental to the interests of Canada or activities directed toward or in support of such espionage or sabotage,<br /> (b) foreign influenced activities within or relating to Canada that are detrimental to the interests of Canada and are clandestine or deceptive or involve a threat to any person,<br /> (c) activities within or relating to Canada directed toward or in support of the threat or use of acts of serious violence against persons or property for the purpose of achieving a political, religious or ideological objective within Canada or a foreign state, and<br /> (d) activities directed toward undermining by covert unlawful acts, or directed toward or intended ultimately to lead to the destruction or overthrow by violence of, the constitutionally established system of government in Canada.</p> <p>The definition excludes lawful advocacy, protest or dissent, unless carried on in conjunction with any of the activities referred to in paragraphs (a) to (d). In other words, lawful protest carried on in conjunction with any of the activities in paragraphs (a) to (d) is included within the definition of threats to the security of Canada.</p> <h3>Possibility of Charter challenges</h3> <p>There will almost certainly be a number of challenges of the Proclamation, Order and Regulations under the <em>Canadian Charter of Rights and Freedoms</em> (the “Charter”) – whether as standalone challenges or in the context of prosecutions for alleged breaches of the Order and Regulations.</p> <p>Perhaps most centrally, s. 2 of the Charter guarantees as a fundamental freedom the freedom of peaceful assembly. Under s. 1 of the Charter certain rights guaranteed by the Charter, including those set out in s. 2, are stated to be subject only to such reasonable limits prescribed by law as can be demonstrably justified in a free and democratic society. There is a considerable body of case law regarding the application of this test that is beyond the scope of this note. The Canadian government will almost certainly seek to rely on s. 1 in the event of Charter challenges to the Order and Regulations.</p> <p>The <em>Emergencies Act </em>requires that the government bring motions in Parliament – both the House of Commons and the Senate – for confirmation of the Proclamation, and that it must do so within seven days of the date of the declaration. A motion has been tabled in the House of Commons for debate on February 17, 2022 to confirm the Proclamation. Both houses of Parliament (and, if the Proclamation is confirmed, ultimately the courts) will presumably consider if the grounds stated in the Proclamation are of a nature and sufficient to justify the making of the Proclamation, and whether there is sufficient factual basis to support these grounds. If either the House of Commons or the Senate were to vote down the motion, the declaration would be immediately revoked and the order and regulations made pursuant to the declaration would expire immediately. However, as of February 15, 2022, the order and regulations are effective and have the force of law, subject to Charter or other legal challenges in the courts.</p> <p>The government is also required to lay the Order and Regulations before both the House and the Senate within two days of their having being made. The <em>Emergencies Act</em> sets out a process by which either body may revoke or amend the order or regulations. It can be anticipated that the House and the Senate will consider whether existing Canadian laws – for example the prohibitions on unlawful assemblies and riots in the <em>Criminal Code</em> – were sufficient such that some or all of the Order and Regulations need not have been made. Further, the <em>Emergencies Act</em> provides for a review process to consider the exercise of powers and the performance of duties and functions pursuant to a declaration of emergency.</p> <h2>Going Forward</h2> <p>The Order and Regulations are likely to create many compliance challenges for financial service providers. This and other issues under these new laws will likely result in a rapidly developing legal analysis of the application of the Order and Regulations. Undoubtedly there will be constitutional and other challenges. Further, whether Parliament will intervene to revoke or amend any of this framework remains to be seen.</p> <hr /> <p><a name="anchor_1645134140143" id="anchor_1645134140143">[1] </a>The Financial Transactions and Reports Analysis Centre of Canada (FINTRAC) is Canada's financial intelligence unit.</p>17-Feb-2022 09:21:00{6A5601A8-BFEE-4623-A041-9AA4BF60318D}https://stikeman.com/en-ca/kh/insurance-law/quebecs-amf-releases-draft-incentive-management-guideline-for-financial-institutionsAndrew S. Cunninghamhttps://stikeman.com/en-ca/people/c/andrew-s-cunninghamStuart S. Carruthershttps://stikeman.com/en-ca/people/c/stuart-s-carruthersInsurance Law UpdateFinancial Services UpdateQuébec’s AMF Releases Draft Incentive Management Guideline for Financial Institutions<p><strong>The Autorité des marchés financiers (“AMF”) recently released a draft version of its </strong><a href="https://lautorite.qc.ca/fileadmin/lautorite/consultations/lignes-directrices/2022-01-28-Fin/2021nov04-ld_gestion-incitatifs-cons-en.pdf"><strong><em>Incentive Management Guideline</em></strong></a><strong> (“<em>Draft Guideline</em>”), which applies to Québec-regulated insurers, financial services cooperatives, trust companies, savings companies and other authorized deposit institutions. </strong></p> <p>The <em>Draft Guideline</em> supplements the AMF’s <a href="https://lautorite.qc.ca/en/professionals/insurers/guidelines/commercial-practices/sound-commercial-practices-guideline"><em>Sound Commercial Practices Guideline</em></a>, drawing on international best practices and the AMF’s own experiences as a regulator. It covers some of the same ground as the <a href="https://stikeman.com/en-ca/kh/insurance-law/fair-treatment-of-customers-results-released-from-the-ccir-s-cooperative-review">CCIR-CISRO working group</a>’s ongoing consultation on incentive risk (in which the AMF plays a leading role), which could eventually result in regulatory duplication or inconsistency for the insurance sector in Québec. No other province has released incentives management guidance.</p> <p>It should be noted that the <em>Draft Guideline</em> consultation is separate from the AMF’s current, more general <a href="https://lautorite.qc.ca/fileadmin/lautorite/consultations/lignes-directrices/2021-12-03-Fin/2021oct21-LD-pratiques-commerciales-avis-cons-en.pdf">consultation</a> on its proposed updated <em>Sound Commercial Practices Guideline</em>.</p> <p>Released on November 4, 2021, the <a href="https://lautorite.qc.ca/fileadmin/lautorite/consultations/lignes-directrices/2022-01-28-Fin/2021nov04-ld-gestion-incitatif-avis-cons-en.pdf">AMF’s announcement</a> invites public comments, with a submission deadline that has been <a href="https://lautorite.qc.ca/fileadmin/lautorite/consultations/lignes-directrices/2022-01-28-Fin/avis_prolong_LDGI_20211206-en.pdf">extended</a> to February 18, 2022.</p> <h2>Background</h2> <p>One of the expectations set out in the <em>Sound Commercial Practices Guideline</em> is that real or potential conflicts of interest be avoided or managed in a way that protects the Fair Treatment of Customers (“FTC”) principle. The <em>Draft Guideline</em> focuses on financial institutions’ incentive arrangements because of their potential, when not carefully designed or managed, to create conflicts of interest. It adds further expectations relating to the management of such arrangements, which arrangements can include:</p> <ul> <li>Monetary incentives, e.g. commissions or performance-based salaries/bonuses; and</li> <li>Non-monetary incentives, e.g. performance-based rewards or privileges.</li> </ul> <p>Performance criteria can be either quantitative (e.g. sales volume) or qualitative (e.g. client satisfaction).</p> <h2>Expectations</h2> <p>The AMF’s expectations fall into four categories, as follows:</p> <ul> <li>Governance;</li> <li>Managing incentive arrangements;</li> <li>Identification and assessment of risks of practices that could adversely affect FTC; and</li> <li>Quality monitoring.</li> </ul> <p>While the AMF purports to take a principles-based approach, the <em>Draft Guideline</em> uses language that is more “mandatory” in tone than might have been expected and often appears to require financial institutions to take specific actions in order to achieve the expected outcomes. Throughout the <em>Draft Guideline</em>, the requirements/outcomes are phrased as, for example, “ensure”, “satisfy” and “identify”, rather than, for example, “reasonably designed to” ensure, satisfy or identify.</p> <h3>Governance</h3> <p>The <em>Draft Guideline</em> summarizes the AMF’s governance expectation as follows:</p> <p>The AMF expects financial institutions’ decision-making bodies to place FTC at the centre of decisions concerning the way incentive arrangements are managed.</p> <p>The implications of this expectation for directors and officers are set out in some detail in the <em>Draft Guideline</em>.</p> <p>While the <strong>board of directors</strong> might normally be expected to set the tone for FTC and provide high-level stewardship, while leaving the day-to-day details of implementation to management, the <em>Draft Guideline</em> creates specific expectations for directors at the operational level:</p> <ul> <li>Ensuring that committees responsible for monitoring changes in business structure and identifying practices that could affect FTC are also ensuring that incentive plans are consistent with client interests;</li> <li>Ensuring that incentive arrangements that are not consistent with FTC are changed in a timely manner; and</li> <li>Ensuring that clients that are harmed by a practice that adversely affects FTC are dealt with appropriately.</li> </ul> <p>The AMF’s expectations for <strong>senior management</strong> include:</p> <ul> <li>Overseeing incentive arrangements in order to manage any risk they pose to FTC;</li> <li>Reviewing incentive arrangements in collaboration with the risk management, compliance and human resources departments at least once per year; and</li> <li>Assessing the impact of an identified practice that adversely affects FTC and ensuring that clients that are harmed by such a practice are dealt with appropriately.</li> </ul> <h3>Managing incentive arrangements</h3> <p>At the most general level, the <em>Draft Guideline</em> states simply that “the AMF expects incentive arrangements to be managed in a manner that ensures FTC”. However, it elaborates on this expectation in a number of ways:</p> <ul> <li>Extending the requirement to satisfy FTC obligations to intermediaries and more broadly to any other person offering the financial institution’s products or services on its behalf, which appears, in the case of insurers, to potentially blur the line between tied agents and independent brokers who are not subject to control by the carrier; and</li> <li>Establishing a set of criteria for incentive mechanism design, which include such detailed recommendations as ensuring that (among others): <ul> <li>performance targets are well defined;</li> <li>incentives are consistent with the level of service expected;</li> <li>variations in incentive arrangements do not result in differing charges for the same product depending on which intermediary is offering it;</li> <li>ensuring that incentive arrangements for managers do not result in the application of pressure on staff or intermediaries that could adversely affect FTC;</li> <li>information is collected that allows for the identification of individuals, sales teams, lines of business, products and trends that are particularly at risk of adversely affecting FTC; and</li> <li>appropriate corrective measures are established, including chargeback mechanisms by which awarded incentives can be clawed back.</li> </ul> </li> </ul> <h3>Identification and assessment of risks of practices that could adversely affect FTC</h3> <p>The AMF expects financial institutions to “identify and regularly assess the risks of practices that could adversely affect FTC arising from incentive arrangements.” Two appendices to the <em>Draft Guideline</em> provide additional detail, as follows:</p> <ul> <li>Appendix A lists <strong>17 “key indicators”</strong> that an individual or sales team is incentivized in a way that creates an increased risk of adversely affecting FTC, including, among others, frequent chargebacks/product replacements/cancellations, disproportionate sales of high-commission products and a lack of variety in products sold.</li> <li>Appendix B lists <strong>24 incentive features </strong>that increase those risks, including, among others, “Incentives awarded for sales of a specific product for a limited period of time”, “Incentives awarded on a discretionary basis” and “Monetary incentives representing a significant portion of a person’s remuneration package”. The Appendix also identifies certain incentive risks that may be created in a financial institution’s agreements with intermediaries.</li> </ul> <p>The identification and assessment of these risks requires:</p> <ul> <li>Regular review of incentive arrangements;</li> <li>Focusing on incentives that are based primarily on quantitative performance targets and criteria;</li> <li>Consideration of the combined impact of multiple sales arrangements on the same sale, of sales campaigns focused on particular products and of intermediaries’ incentive arrangements (among others); and</li> <li>Assessment of the likelihood that practices could adversely affect FTC.</li> </ul> <h3>Quality monitoring</h3> <p>Finally, the AMF expects financial institutions to have controls in place to identify any inappropriate sales or practices related to incentive agreements. This expectation is strongest for incentive arrangements that are most likely to result in practices that adversely affect FTC.</p> <p>Quality monitoring includes:</p> <ul> <li>Ensuring that those conducting the monitoring are well trained and independent;</li> <li>Taking into account the risk to FTC that each type of practice poses;</li> <li>Using various types of controls to assess interactions with clients (e.g. direct observation, mystery shopping, client surveys); and</li> <li>Regularly analyzing the results of sales quality controls to ensure that they are effective in identifying concerns or issues relating to FTC.</li> </ul> <h2>Next Steps</h2> <p>As noted above, the comment period closes on February 18, 2022. For further information and instructions for submitting comments, please see the AMF’s November 4, 2021 <a href="https://lautorite.qc.ca/fileadmin/lautorite/consultations/lignes-directrices/2022-01-28-Fin/2021nov04-ld-gestion-incitatif-avis-cons-en.pdf">announcement</a>.</p>15-Dec-2021 03:01:00{6CBE381E-E223-4FB9-8779-C6B818C88290}https://stikeman.com/en-ca/kh/insurance-law/osfi-releases-draft-guideline-b-13-on-technology-and-cyber-risk-managementAndrew S. Cunninghamhttps://stikeman.com/en-ca/people/c/andrew-s-cunninghamStuart S. Carruthershttps://stikeman.com/en-ca/people/c/stuart-s-carruthersInsurance Law UpdateCanadian Technology & IP LawFinancial Services UpdateOSFI Releases Draft Guideline B-13 on Technology and Cyber Risk Management<p><strong>On November 9, 2021, Canada’s Office of the Superintendent of Financial Institutions (“OSFI”) <a rel="noopener noreferrer" rel="noopener noreferrer" href="https://www.osfi-bsif.gc.ca/Eng/fi-if/rg-ro/gdn-ort/gl-ld/Pages/b13-let.aspx" target="_blank">launched a public consultation</a> on the newly released draft version of <a rel="noopener noreferrer" rel="noopener noreferrer" href="https://www.osfi-bsif.gc.ca/Eng/fi-if/rg-ro/gdn-ort/gl-ld/Pages/b13.aspx" target="_blank">Guideline B-13: Technology and Cyber Risk Management</a>. The proposed Guideline is designed to complement existing Guidelines <a rel="noopener noreferrer" rel="noopener noreferrer" href="https://www.osfi-bsif.gc.ca/Eng/fi-if/rg-ro/gdn-ort/gl-ld/Pages/e21.aspx" target="_blank">E-21</a> (Operational Risk Management) and <a rel="noopener noreferrer" rel="noopener noreferrer" href="https://www.osfi-bsif.gc.ca/Eng/fi-if/rg-ro/gdn-ort/gl-ld/Pages/b10.aspx" target="_blank">B-10</a> (Outsourcing of Business Activities, Functions and Processes) as well as OSFI’s <a href="https://stikeman.com/en-ca/kh/insurance-law/osfi-tightens-technology-and-cybersecurity-incident-reporting-requirements-for-frfis" target="_blank">Technology and Cyber Incident Reporting Policy</a>, including its <a rel="noopener noreferrer" rel="noopener noreferrer" href="https://www.osfi-bsif.gc.ca/Eng/fi-if/in-ai/Pages/cbrsk.aspx" target="_blank">Cyber Security Self-Assessment</a> tool.</strong></p> <p>Comments on the draft version of Guideline B-13 will be accepted until <strong>February 9, 2022</strong>. The draft version is based in part on feedback received in response to OSFI’s <a href="https://stikeman.com/en-ca/kh/financial-services/financial-sector-risk-in-a-digital-world-osfi-discussion-paper-outlines-key-issues" target="_blank">2020 discussion paper on technology and related risks</a>. OSFI’s <a rel="noopener noreferrer" rel="noopener noreferrer" href="https://www.osfi-bsif.gc.ca/Eng/fi-if/rg-ro/gdn-ort/gl-ld/Pages/b13-let.aspx" target="_blank">responses to specific feedback items</a> were included with the November 9 announcement.</p> <p>Relatedly, OSFI is also expecting to shortly release for comment a draft of a significantly updated and expanded version of Guideline B-10, which will include guidance respecting cloud service providers, in addition to providers of other outsourced services, and OSFI is consulting with federally regulated financial institutions (FRFIs) on operational resilience more generally.</p> <h2>Overall Approach of Guideline B-13</h2> <p>Draft Guideline B-13 takes what OSFI calls a “layered approach”. In other words, its high-level expectations apply to all FRFIs but the more granular recommendations focus on “providing sufficiently clear guidance to institutions that may benefit from it”. This approach recognizes that larger FRFIs, such as the major banks, may already have systems in place that fully address OSFI’s high-level expectations. Like most recent OSFI guidance, the Guideline is principles-based, but also includes more than 20 pages of extensive and detailed operational and governance expectations, which will be challenging for smaller institutions to comply with. However, it indicates, as customary, that FRFIs should implement the expectations in a manner commensurate with the FRFI’s particular size; nature, scope and complexity of operations; and risk profile. OSFI’s expectations are technology-neutral “anticipating the need for FRFIs to compete effectively and take full advantage of digital innovation”.</p> <p>The uppermost layer of the Guideline, which applies most generally, are five “outcomes” that are expected with respect to the five “domains” that the Guideline addresses. These are as follows:</p> <table> <tbody> <tr> <td style="width: 181px;"> <p><strong>Domain</strong></p> </td> <td style="width: 313px;"> <p><strong>Outcome</strong></p> </td> </tr> <tr> <td style="width: 181px;"> <p>Technology and Cyber Governance and Risk Management</p> </td> <td style="width: 313px;"> <p>Technology and cyber risks are governed through clear accountabilities and structures, and comprehensive strategies and frameworks.</p> </td> </tr> <tr> <td style="width: 181px;"> <p>Technology Operations</p> </td> <td style="width: 313px;"> <p>A technology environment that is stable, scalable and resilient. The environment is kept current and supported by robust and sustainable technology operating processes.</p> </td> </tr> <tr> <td style="width: 181px;"> <p>Cyber Security</p> </td> <td style="width: 313px;"> <p>A secure technology posture that maintains the confidentiality, integrity and availability of the FRFI’s technology assets.</p> </td> </tr> <tr> <td style="width: 181px;"> <p>Third-party Provider Technology and Cyber Risk</p> </td> <td style="width: 313px;"> <p>Reliable and secure technology and cyber operations from third-party providers.</p> </td> </tr> <tr> <td style="width: 181px;"> <p>Technology Resilience</p> </td> <td style="width: 313px;"> <p>Technology services are delivered, as expected, through disruption.</p> </td> </tr> </tbody> </table> <p>A second “layer” in the document consists of 18 “principles” that are scattered throughout the document, summarizing key points made in the detailed text, which constitutes the third and final “layer”.</p> <p>Our summary below is divided into five sections, reflecting the five “domains” that are considered in the Guideline.</p> <h2>1. Technology and Cyber Governance and Risk Management</h2> <p>The first section of the Guideline deals with <strong>governance and risk management</strong>. OSFI expects the FRFI’s organizational structure to be designed to manage technology and cyber risks, with clear roles and responsibilities and adequate training and resources. Senior officers with stature and visibility in the FRFI’s organization should be appointed to lead these efforts. Specific titles are not mandated, but these individuals would typically hold positions such as Chief Technology Officer (“CTO”), Chief Information Officer (“CIO”), Chief Information Security Officer (“CISO”) and/or Head of Information Technology.</p> <p>In addition, according to the Guideline each FRFI should develop:</p> <ul> <li>a <strong>strategic technology and cyber plan</strong> that aligns with its overall business plan and which is supported by the tools and processes necessary for its implementation; and</li> <li>a <strong>technology and cyber risk management framework (“RMF”)</strong> that aligns with the FRFI’s overall risk management plan. The RMF should include policies and processes as well as reporting and accountability standards, as outlined in the Guideline.</li> </ul> <h2>2. Technology Operations</h2> <p>The Guideline includes <strong>extensive operational recommendations</strong> relating to technology architecture, systems development life cycles, asset and project management, service management/monitoring and management of incidents, changes and patches. As noted above, the specific recommendations are intended as guidance and do not necessarily require organizations to change existing practices that achieve the same outcomes.</p> <h3>Technology architecture and service monitoring</h3> <p>The FRFI’s systems infrastructure should be <strong>carefully designed for availability, scalability, security and resilience</strong> in the context of the business functions and services that they support. The importance of designing systems that can evolve in response to changes in the business is also emphasized.</p> <p>The Guideline also recommends that internal technology service performance – including service desk and operations/network management, among others – be measured and monitored through the use of performance indicators and service targets.</p> <h3>Systems development life cycle (“SDLC”) framework</h3> <p>The FRFI’s technology architecture should be <strong>integrated into a SDLC framework</strong> that is structured so that new systems are never adopted without appropriate security and risk assessments. Controls recommended by the Guideline include (among others):</p> <ul> <li>peer code reviews;</li> <li>security scanning of code;</li> <li>privileged access management and key management;</li> <li>data integrity/confidentiality protection;</li> <li>removal of unnecessary services and programs; and</li> <li>authentication, authorization, security logging and monitoring.</li> </ul> <p>The Guideline also recommends an extensive <strong>change management plan</strong> for both planned and emergency situations. Such a plan should include safeguards designed to ensure that authority over the change process is distributed among multiple individuals and that all changes are traceable. Patches should also be applied in accordance with these change management processes.</p> <h3>Technology asset and project management</h3> <p>Asset management is one of the key operational functions identified in the Guideline, which includes <strong>extensive recommendations for technology inventories</strong>. Technology assets should be categorized in terms of their critical importance to the business and significant interdependencies among assets should be noted.</p> <p>The Guideline emphasizes the importance of <strong>recording all asset categories</strong>, including:</p> <ul> <li>the FRFI’s own assets, whether owned, leased or otherwise;</li> <li>any employee assets that are used for business purposes, e.g. under “bring your own device” (“BYOD”) policies; and</li> <li>assets owned by third parties, contractors, consultants, etc., that are used to provide services to the FRFI.</li> </ul> <p>All forms of technology should be continuously monitored to ensure upgrades and patches are installed while obsolete and unsupported technology is removed or replaced.</p> <p>The Guideline also recommends effective project management processes to ensure that technology projects are achieved within the FRFI’s risk tolerance.</p> <h3>Incident and problem management</h3> <p>FRFIs should implement <strong>technology incident management standards</strong> that will allow them to detect, manage, resolve and report on incidents while simultaneously minimizing their impacts. These standards would generally include:</p> <ul> <li>defining and documenting roles and responsibilities;</li> <li>establishing early warning indicators;</li> <li>classifying incidents according to priority;</li> <li>developing response procedures that mitigate incident impacts, including communications strategies;</li> <li>performing stress tests on incident response plans; and</li> <li>establishing and testing incident management strategies with third-party providers such as crisis communications agencies.</li> </ul> <p>In addition, <strong>post-incident reviews</strong> should be incorporated into the process in order to improve future incident response.</p> <h2>3. Cyber Security</h2> <p>The longest section of Guideline B-13 deals with cyber security. This section is divided into four subsections that focus respectively on (i) identifying, (ii) defending, (iii) detecting and (iv) responding to/recovering from cyber security risks and breaches.</p> <h3>Identifying security risks and breaches</h3> <p>The FRFI should identify risks, including through <strong>intelligence-led threat assessment and testing</strong> that enables technology vulnerabilities to be ranked by severity, with additional attention to cumulative risks (in which an incident engages multiple vulnerabilities simultaneously). Risks can also be identified through participation in industry-wide information-sharing forums. The FRFI’s cyber risk profile should be constantly monitored and reported on.</p> <p>Related to this is the <strong>identification of security breaches</strong>, including through periodic scans of data environments to detect changes and deviations that may indicate unauthorized access. Enabling and encouraging employees, customers and third parties to report suspicious activities is another recommended step, which may require an enhancement of employee education in the data security area.</p> <h3>Defending the business against security risks</h3> <p>The Guideline emphasizes preventative measures, recommending that the FRFI adopt <a rel="noopener noreferrer" rel="noopener noreferrer" href="https://en.wikipedia.org/wiki/Secure_by_design" target="_blank"><strong>“secure-by-design</strong></a><strong>” practices</strong> throughout its operations and implement a process to convert detection controls into prevention controls. This includes adopting strong cryptographic technologies with secured encryption keys as part of a general program to control and regularly reassess access permissions, as well as strictly enforcing security configuration baselines (with detection and remediation of unapproved deviations).</p> <p>Cyber security controls should be layered and designed to contain any cyber attack that may occur. Recognizing that <strong>data protection is critical at all points in the data life cycle</strong>, the Guideline recommends that FRFIs should:</p> <ul> <li>implement risk-based data protection controls for data residing in all environments under its direct control (including development, testing, production and backup) as well as in those under third-party control (including Cloud Service Providers (“CSPs”));</li> <li>protect backup data from ransomware and other cyber attacks;</li> <li>establish multi-layered controls for encrypting data at rest, in transit and in use; and</li> <li>implement risk-based data loss prevention strategies, focusing on high-risk cases.</li> </ul> <p>When security vulnerabilities are discovered, they should be remediated according to pre-established timelines for various risk levels (e.g., a “critical” vulnerability should be remediated within 48 hours). The Guideline recommends that progress of remediation processes be formally monitored against the defined timelines.</p> <p>In general, <strong>the FRFI is expected to safeguard its networks by minimizing their “attack surface”</strong>. External facing application services and network infrastructure should have additional layers of security and be regularly and rigorously tested. The Guideline also recommends additional security for hosts, endpoints and mobile devices. In addition, network infrastructure and other technology assets should be protected by physical access controls and processes.</p> <h3>Detecting security issues</h3> <p>According to the Guideline, the FRFI should implement and maintain <strong>continuous and centralized security event logging</strong> with retention periods sufficient to support future forensic investigations. In addition to written rules and policies, this should include:</p> <ul> <li>monitoring tools that are regularly updated to reflect the latest threat intelligence; and</li> <li>advanced behaviour-based detection of anomalies in user and entity behaviour.</li> </ul> <p>To ensure an effective response to urgent cyber security alerts, the Guideline recommends that the FRFI pre-assign roles and responsibilities in such situations in order to be fully prepared to respond when they occur.</p> <h3>Responding, recovering and learning</h3> <p>The FRFI is expected to implement protocols that integrate the cybersecurity incident responses of its technology, security, crisis management and communications functions. These should include:</p> <ul> <li>a “cyber incident taxonomy” that standardizes the terminology used in responding to, managing and reporting on cyber security incidents;</li> <li>the establishment of a cyber incident response team; and</li> <li>where aspects of cyber security are outsourced, clearly defined escalation thresholds for notification of FRFI management.</li> </ul> <p>At the recovery phase, the Guideline recommends forensic investigations to determine ongoing material risks from an incident and, for high-severity incidents, detailed assessments designed to quantify economic and other impacts as well as to identify lessons learned and possible remedial actions.</p> <h2>4. Third-Party Provider Technology and Cyber Risk</h2> <p>This section of the Guideline is intended to be read in conjunction with <a rel="noopener noreferrer" rel="noopener noreferrer" href="https://www.osfi-bsif.gc.ca/Eng/fi-if/rg-ro/gdn-ort/gl-ld/Pages/b10.aspx" target="_blank">Guideline B-10</a> (Outsourcing of Business Activities, Functions and Processes). The Guideline recommends the implementation of <strong>technology and cyber risk agreements between the FRFI and its CSP and/or other Third-Party Providers (“TPPs”)</strong>. In addition, it recommends that the FRFI establish mechanisms to ensure compliance by its TPPs with the technology and cyber standards that were developed in with the Guideline. These include close monitoring of a TPP’s access to the FRFI’s systems and ensuring that the FRFI has access to any of its information in the possession of the TPP, as well as ensuring that the FRFI’s standards for data protection, change management and security incident logging are applied to FRFI assets on a TPP platform.</p> <p>The Guideline recommends specific requirements <strong>to ensure that the FRFI’s use of cloud computing is consistent with its stated risk profile</strong>. These include augmenting the FRFI’s existing controls and standards with cloud-specific provisions relating to data protection, management of vulnerabilities, cryptographic key management and others. Furthermore, in designing and implementing a cloud-based solution, the FRFI should ensure that applications and data are easily portable between CSPs in order to ensure that the FRFI can switch to a superior cloud environment if necessary.</p> <h2>5. Technology Resilience</h2> <p>The FRFI is expected to develop, implement and maintain an <strong>Enterprise Disaster Recovery Framework (“EDRF”)</strong> that, in conjunction with its business continuity plan, serves as a guide to recovery from a major technology disruption. The EDRF should establish, at a minimum:</p> <ul> <li>responsibility for the availability and recovery of technology services;</li> <li>a process for identifying and analyzing technology services and key dependencies required to operate within the FRFI’s risk tolerance;</li> <li>procedures for the timely restoration of technology services to an acceptable level when a disruption occurs; and</li> <li>data backup strategy, policy and processes (backup frequency, storage, destruction and testing).</li> </ul> <p>“Key dependencies” include information security requirements for stored data (e.g. encryption) and the location of technology assets (e.g. of backup sites, service providers, etc.).</p> <p>Finally, <strong>OSFI will expect the FRFI to test its EDRF</strong> against “severe but plausible” scenarios incorporating:</p> <ul> <li>new and emerging risks or threats;</li> <li>material changes to business objectives or technologies;</li> <li>the FRFI’s incident history and any known technology complexities or weaknesses.</li> </ul> <p>Disaster recovery scenarios should test the FRFI’s backup and recovery processes to confirm that it can meet its predefined requirements in the context of key dependencies and the FRFI’s onsite and outsourced technologies.</p> <h2>Conclusion</h2> <p>As noted above, comments on Guideline B-13 will be accepted until February 9, 2022. They may be submitted to <a rel="noopener noreferrer" rel="noopener noreferrer" href="mailto:Tech.Cyber@osfi-bsif.gc.ca" target="_blank"><strong>Tech.Cyber@osfi-bsif.gc.ca</strong></a>. </p>26-Nov-2021 03:56:00{B1FF1950-AA50-4DB3-92A7-8E32D2F15B00}https://stikeman.com/en-ca/kh/financial-services/financial-services-innovation-in-ontario-fsra-releases-its-consultation-documentAndrew S. Cunninghamhttps://stikeman.com/en-ca/people/c/andrew-s-cunninghamStuart S. Carruthershttps://stikeman.com/en-ca/people/c/stuart-s-carruthersFinancial Services UpdateInsurance Law UpdateFinancial Services Innovation in Ontario: FSRA Releases its Consultation Document<p><strong>On October 21, 2021, the Financial Services Regulatory Authority of Ontario (FSRA) </strong><a rel="noopener noreferrer" rel="noopener noreferrer" target="_blank" href="https://www.fsrao.ca/newsroom/fsra-releases-its-innovation-framework-public-consultation"><strong>released</strong></a><strong> a 35-page </strong><a rel="noopener noreferrer" rel="noopener noreferrer" target="_blank" href="https://www.fsrao.ca/media/4621/download"><strong>consultation document</strong></a><strong> (“Consultation Document”) detailing its proposed Innovation Framework. FSRA’s </strong><a rel="noopener noreferrer" rel="noopener noreferrer" target="_blank" href="https://www.fsrao.ca/about-fsra/innovation-office"><strong>Innovation Office</strong></a><strong>, created in 2020 to facilitate financial services innovation in Ontario, is coordinating the initiative. Supporting innovation in Ontario’s financial services sector is a core part of FSRA’s mandate as a regulator. The Framework set out in the Consultation Document is open for comment until November 18, 2021.</strong></p> <p>While the new framework will affect all areas of financial services under Ontario’s jurisdiction, the <strong>auto insurance sector</strong> will be the first to access the new testing environments described below. FSRA is empowered to grant certain forms of exemptive relief that may be required to implement a service or product test that it has approved.</p> <h2>Outline of the Consultation Document</h2> <p>The Consultation Document includes discussions of the following:</p> <ul> <li>The Innovation Office and its role;</li> <li>The innovation process;</li> <li>Test and learn environments; and</li> <li>Industry engagement and outreach.</li> </ul> <p>In this post, we summarize some of the highlights of the Consultation Document.</p> <h2>The Innovation Office and its Role</h2> <p>The Innovation Office will be the “central driver and coordinator” of FSRA’s mandate to foster what the Consultation Document refers to as “responsible innovation”. In an environment of responsible innovation, any risks that innovation could pose to consumers, or to businesses that deal with the auto insurance sector, will be carefully managed. The Innovation Office’s three key roles are:</p> <ul> <li>Fostering an environment that will encourage responsible innovation;</li> <li>Focusing on improved consumer choice and value while protecting consumer interests; and</li> <li>Continuously improving its approach and tools.</li> </ul> <p>The Innovation Office will have an “orchestrator” role within FSRA itself, driving FSRA’s mandate to pursue innovation. It will engage in dialogue with innovators, while functioning as a disruptor:</p> <p style="padding-left: 30px;">“The Innovation Office will challenge established structures and closed mindsets that stifle innovation. We will play a challenge function role both within FSRA and in Ontario's financial services sector, pathfinding for innovative and new ideas and services when the established approach would otherwise act as an obstacle.”</p> <p>While regulatory changes may occur eventually, the Innovation Office will initially operate within Ontario’s existing regulatory framework. It will have a research and outreach function and will make use of the Test and Learn Environment (“TLE”) described below.</p> <p>FSRA is seeking comments on the role that it should play in innovation as well as on experiences industry participants have had to date in bringing innovative ideas to FSRA.</p> <h2>The Innovation Process</h2> <p>The innovation process envisaged by FSRA includes “inside out” and “outside in” approaches. The first of these leverages the experience of FSRA’s own teams to bring new trends, problems and solutions to the surface. The second involves working with stakeholders to bring their innovation ideas to fruition. As part of this plan, FSRA is adopting an innovation culture, with Innovation Liaisons across FSRA, whose job it is to facilitate communication among innovators, the Innovation Office and FSRA as whole.</p> <p>The steps in the innovation process are as follows:</p> <ol> <li><strong>Opportunity intake:</strong> discovery and consideration of innovation opportunities;</li> <li><strong>Prioritization and management:</strong> Assessment and selection based on established criteria;</li> <li><strong>Definition and “solutioning”:</strong> Deciding which regulatory tool should be used for each selected opportunity;</li> <li><strong>Risk assessment and testing:</strong> Scrutinization of opportunities for uncertainties and risks that might require additional testing and validation in the TLE, or by other means; and</li> <li><strong>Communication and measurement:</strong> Communication of innovation opportunities and measurement of the Innovation Office’s impact.</li> </ol> <p>The intake form that will be available on the FSRA website is described in detail in the Consultation Document. FSRA is seeking comments on both the form and the innovation process more generally, as well as on the risk evaluation process described below.</p> <p>The risk assessment process will consider risks of a proposed innovation to the customer, the industry and to FSRA itself. Depending on the results of the risk analysis, the innovator might be asked to revise its proposal (if the risk is high) or given the opportunity to test it in a testing environment (if the risk is lower). If the testing process proceeds satisfactorily, FSRA will make recommendations to the Government of Ontario respecting any necessary statutory or regulatory amendments.</p> <h2>Test and Learn Environments</h2> <p>FSRA’s TLEs will provide “an adaptive, pro-innovation test environment while ensuring consumers are protected”. From an innovator’s standpoint, the TLE is “a relatively low-risk arena for gauging the market response to their innovations.” This approach is intended, in part, to level the playing field between industry incumbents and new market entrants. Importantly, FSRA will have considerable authority to grant exemptive relief that may be required to ensure that innovation proposals can be tested effectively.</p> <p>An “Approach Guidance” will be published to “provid[e] specificities on the general approach of how TLEs would work.” In the meantime, the plan set out in the Consultation Document envisages two basic TLE types:</p> <ul> <li><strong>Activity TLEs</strong> involve FSRA’s exercise of regulatory authority to approve the testing of activities that would not otherwise be permitted under the existing regulatory framework; and</li> <li><strong>Status TLEs</strong> give time-limited and conditional approvals for activities intended to test and validate innovative products and services to non-regulated entities that would not otherwise be granted such opportunities.</li> </ul> <p>As noted above, the first TLEs will be in the auto insurance sector. A detailed auto industry use case, intended as an example scenario, is included in the Consultation Document.</p> <p>The TLE fee structure has not yet been determined in detail. It appears, however, that the approach FSRA takes to fees will differ between regulated and unregulated entities – reflecting the fact that cost-recovery with respect to the former can be achieved, in whole or in part, through general assessment. FSRA is seeking comments on how fees should be charged, including stakeholder views on the fairest way to keep fees within the reach of innovators new to the market while discouraging the use of the TLE as “a free incubator or accelerator for early-stage ideas”.</p> <h2>Industry Engagement and Outreach</h2> <p>The Consultation Document outlines FSRA’s plans for extensive and ongoing stakeholder outreach, including constant engagement with sector participants and consumers. FSRA’s goal is to be knowledgeable, adaptable, proactive and responsive to consumer and industry input. Among the functions that FSRA envisages for the Innovation Office is to co-ordinate meetings and discussions among stakeholders themselves.</p> <p>Finally, transparency will be a core principle for FSRA and the Innovation Office. Public communication of decisions about TLEs will be communicated so that innovators and other stakeholders can build up an understanding, over time, of what FSRA is looking for in innovation proposals and where the boundaries lie. In the Consultation Document, FSRA requests input on how the Innovation Office’s engagement efforts should be structured.</p> <h2>Next Steps</h2> <p>The Consultation Document invites comments on many key issues, including those noted above. The deadline for receipt of comments is <strong>Thursday, November 18, 2021</strong>.</p>11-Nov-2021 03:43:00{6974613F-8AAB-4F61-8E5F-3351E2453DAD}https://stikeman.com/en-ca/kh/financial-services/fintech-in-canada-legal-and-regulatory-aspects-of-a-growth-industryAlix d'Anglejan-Chatillonhttps://stikeman.com/en-ca/people/d/alix-d-anglejan-chatillonRamandeep K. Grewalhttps://stikeman.com/en-ca/people/g/ramandeep-k-grewalDavid Elderhttps://stikeman.com/en-ca/people/e/david-elderShawn Smithhttps://stikeman.com/en-ca/people/s/shawn-smithÉric Lévesquehttps://stikeman.com/en-ca/people/l/eric-levesqueFinancial Services UpdateCanadian Technology & IP LawFintech in Canada: Legal and Regulatory Aspects of a Growth Industry<p>Five Stikeman Elliott lawyers recently authored the chapter on <a href="/-/media/files/kh-general/fintech-2022--canada.ashx">Fintech in Canada</a>, in <a rel="noopener noreferrer" rel="noopener noreferrer" href="https://www.lexology.com/gtdt" target="_blank">Lexology’s<em> Getting the Deal Through</em></a> series, published by Law Business Research. The chapter provides an excellent overview of this rapidly developing area of law, including the following topics:</p> <ul> <li>Innovation, landscape and initiatives;</li> <li>Domestic and cross-border regulation of fintech products and services;</li> <li>Compliance requirements;</li> <li>Execution and enforceability of loan agreements;</li> <li>Use of artificial intelligence;</li> <li>Data protection and cybersecurity;</li> <li>Guidelines for outsourcing;</li> <li>IP rights;</li> <li>Tax guidelines and incentives; and</li> <li>Current developments and emerging trends.</li> </ul> <p>We are pleased to be able to make this <a href="/-/media/files/kh-general/fintech-2022--canada.ashx">14-page publication</a> available for downloading.</p>20-Oct-2021 02:56:00{5E28308D-50CE-4F4A-A5D7-AC7E9DCD79E0}https://stikeman.com/en-ca/kh/canadian-securities-law/virtual-currency-regulation-in-canada-where-we-are-in-2021-and-whats-aheadAlix d'Anglejan-Chatillonhttps://stikeman.com/en-ca/people/d/alix-d-anglejan-chatillonRamandeep K. Grewalhttps://stikeman.com/en-ca/people/g/ramandeep-k-grewalÉric Lévesquehttps://stikeman.com/en-ca/people/l/eric-levesqueChristian Vieirahttps://stikeman.com/en-ca/people/v/christian-vieiraCanadian Securities LawCanadian Technology & IP LawFinancial Services UpdateTax Law UpdateVirtual Currency Regulation in Canada: Where We Are in 2021 and What’s Ahead<p>Four Stikeman Elliott lawyers recently co-authored the<a href="/-/media/files/kh-general/the-virtual-currency-regulation-review-2021.ashx"> Canadian chapter</a> of <a rel="noopener noreferrer" rel="noopener noreferrer" target="_blank" href="https://thelawreviews.co.uk/edition/the-virtual-currency-regulation-review-edition-3/1230153/canada"><em>The Virtual Currency Regulation Review</em></a> (4<sup>th</sup> ed.), published by <a rel="noopener noreferrer" rel="noopener noreferrer" target="_blank" href="https://can01.safelinks.protection.outlook.com/?url=https%3A%2F%2Flbresearch.com%2F&data=02%7C01%7Cmdiop%40stikeman.com%7C43bf2c3b3ccd431381e108d74c1a233a%7C394646dfa1184f83a4f46a20e463e3a8%7C1%7C0%7C637061547446418456&sdata=%2FyRYXA57EuBhrm8SzdisD3ok9l5digoQqSw5PamZGsk%3D&reserved=0">Law Business Research Ltd.</a> This chapter provides an excellent practical overview of recent legal and regulatory developments while also looking ahead to expected virtual currency trends.</p> <p>Among the specific topics considered are the following:</p> <ul> <li>Applicability of Canadian securities laws to virtual currencies;</li> <li>Virtual currency offerings and prospectus requirements in Canada;</li> <li>Regulatory considerations for intermediaries;</li> <li>Exchanges and other platforms;</li> <li>Asset management and investment funds;</li> <li>AML (anti-money laundering);</li> <li>How currency miners are regulated;</li> <li>Enforcement under civil and criminal law;</li> <li>Tax treatment of virtual currencies; and</li> <li>Taxation of virtual currency miners and of employees who are paid in virtual currency.</li> </ul> <p>We are pleased to be able to make this <a href="/-/media/files/kh-general/the-virtual-currency-regulation-review-2021.ashx">32-page publication</a> available for downloading.</p> <p>The authors would like to thank <a href="{CB74A7F3-145D-43BD-B241-EC320A128CA1}?item=web%3a%7b149FED54-2750-4B9F-888F-BB02903203F5%7d%40en-CA">Chelsea Angel</a>, summer law student in Stikeman Elliott’s Toronto office, for her contribution to this chapter.</p>07-Oct-2021 04:02:00{142D65EF-51A5-4F17-B826-669FFBCEB8A8}https://stikeman.com/en-ca/kh/insurance-law/osfi-tightens-technology-and-cybersecurity-incident-reporting-requirements-for-frfisShawn Smithhttps://stikeman.com/en-ca/people/s/shawn-smithAndrew S. Cunninghamhttps://stikeman.com/en-ca/people/c/andrew-s-cunninghamStuart S. Carruthershttps://stikeman.com/en-ca/people/c/stuart-s-carruthersInsurance Law UpdateCanadian Technology & IP LawFinancial Services UpdateOSFI Tightens Technology and Cybersecurity Incident Reporting Requirements for FRFIs<p><strong>On August 13, 2021, Canada’s Office of the Superintendent of Financial Institutions (OSFI) </strong><a rel="noopener noreferrer" rel="noopener noreferrer" target="_blank" href="https://www.osfi-bsif.gc.ca/Eng/osfi-bsif/med/Pages/TCSIR-nr.aspx"><strong>announced</strong></a><strong> new technology/cybersecurity incident </strong><a rel="noopener noreferrer" rel="noopener noreferrer" target="_blank" href="https://www.osfi-bsif.gc.ca/Eng/fi-if/rg-ro/gdn-ort/adv-prv/Pages/TCSIR.aspx?utm_source=osfi-bsif&utm_medium=email&utm_campaign=advisory"><strong>reporting requirements</strong></a><strong> for Federally Regulated Financial Institutions (FRFIs). Incidents to which the policy applies are no longer subject to an express materiality threshold and must now be reported within 24 hours, with specific consequences for failure to report. In addition, OSFI updated the </strong><a rel="noopener noreferrer" rel="noopener noreferrer" target="_blank" href="https://www.osfi-bsif.gc.ca/Eng/fi-if/in-ai/Pages/cbrsk.aspx"><strong>Cyber-Security Self-Assessment</strong></a><strong> for FRFIs. This stricter approach reflects OSFI’s growing concern about the potential impact of cybercrime and technology incidents on the financial sector.</strong></p> <h2>Reportable Incidents</h2> <p>The updated Technology and Cyber Security Incident Reporting Advisory (“New Advisory”) replaces the <a rel="noopener noreferrer" rel="noopener noreferrer" target="_blank" href="https://stikeman.com/en-ca/kh/canadian-securities-law/OSFI-Provides-New-Guidance-on-Technology-and-Cybersecurity">OSFI advisory</a> that has been in effect since March 31, 2019 (“2019 Advisory”). The New Advisory defines “technology or cyber security incident” as:</p> <p>An incident that has an impact, or the potential to have an impact on the operations of a FRFI, including its confidentiality, integrity or the availability of its systems and information.</p> <p>The explicit materiality qualifier in the 2019 Advisory has not been retained in the New Advisory, which instead recommends that:</p> <ul> <li>“FRFIs should <strong>define priority and severity levels</strong> within their incident management framework” (the New Advisory does not set expectations for these frameworks); and</li> <li>FRFIs <strong>consult their Lead Supervisors</strong> if uncertain whether an incident should be reported.</li> </ul> <p>In general, <strong>the New Advisory lowers the threshold for reporting while expanding the scope of reportable incidents</strong> as discussed below. Because the previous materiality test is no longer applicable, the requirement to report could potentially be triggered by almost any incident that affects a FRFI’s systems.</p> <h3>Characteristics of reportable incidents</h3> <p>The New Advisory states that reportable incidents <strong>may</strong> have any of the following characteristics (note that OSFI does not intend the examples given to be exhaustive of the points that they illustrate):</p> <ul> <li>The potential to affect other FRFIs or the Canadian financial system generally;</li> <li>An impact on FRFI systems affecting financial market settlement, confirmations or payments, or impact on payment services;</li> <li>An impact on FRFI operations, infrastructure, data, systems (e.g. an impact on the confidentiality, integrity or availability of customer information, among others);</li> <li>A disruptive effect on business systems or operations (e.g. data centre or utility centre outages or “loss or degradation” of connectivity);</li> <li>An operational impact on key or critical systems, infrastructure or data;</li> <li>An activation of disaster recovery plans or teams or a declaration of disaster by a third-party vendor, affecting the FRFI;</li> <li>An operational impact on internal users that affects business operations or external customers;</li> <li>An impact on external customers that is growing and likely to attract media attention, with a potential to negatively affect the FRFI’s reputation;</li> <li>An impact to a third party affecting the FRFI;</li> <li>The FRFI’s technology/cyber incident protocols or response team have been activated;</li> <li>An incident has been reported to the board of directors or senior management;</li> <li>A report has been made to another federal government department or to the Office of the Privacy Commissioner, to a law enforcement agency or to any other regulator or supervisory authority anywhere in the world;</li> <li>The FRFI “has invoked internal or external counsel”;</li> <li>A FRFI incident for which a cyber insurance claim has been initiated;</li> <li>The FRFI has internally assessed the incident as a Tier 1 or Tier 2 incident (high or critical severity); or</li> <li>A breach of internal risk appetite or thresholds.</li> </ul> <p>However, even if an incident does not appear to meet any of these criteria (or where the FRFI is uncertain), <strong>notification of OSFI is “encouraged” on a precautionary basis</strong>.</p> <p>Appendix I of the New Advisory lists four reportable scenarios as examples of reportable incidents. These appear to be similar to those included in the 2019 Advisory: an account takeover botnet campaign, a data centre technology failure, a breach at a material third party and DDoS extortion attacks.</p> <h2>Notification Requirements</h2> <p>The New Advisory differentiates between “initial” notification requirements and those that apply subsequently.</p> <h3>Initial notification requirements</h3> <p>In a major change, the notification timeframe has been <strong>reduced from 72 hours to 24 hours,</strong> although OSFI’s preference continues to be that notification take place as soon as possible. The New Advisory does not specify when the reduced 24-hour period begins to run, although (as noted below) it clearly contemplates that reports will sometimes have to be submitted before the FRFI has ascertained all of the required information. The 2019 Advisory stated that the 72-hour period began to run when the FRFI had determined that the incident was reportable.</p> <p>Incidents must be reported to the appropriate <strong>Lead Supervisor</strong> and to <strong>OSFI’s Technology Risk Division</strong> using the Incident Reporting and Resolution Form, whether or not all details are known. A facsimile of the form is provided in Appendix II of the <a rel="noopener noreferrer" rel="noopener noreferrer" target="_blank" href="https://www.osfi-bsif.gc.ca/Eng/fi-if/rg-ro/gdn-ort/adv-prv/Pages/TCSIR.aspx?utm_source=osfi-bsif&utm_medium=email&utm_campaign=advisory">New Advisory</a>.</p> <p>Note that the 24-hour reporting period is shorter than the corresponding requirement under section 10.1 of <a rel="noopener noreferrer" rel="noopener noreferrer" target="_blank" href="https://canlii.ca/t/7vwj">PIPEDA</a>, which requires that notifications be made “as soon as feasible after the organization determines that the breach has occurred”. The FRFI continues to be responsible for complying with the PIPEDA requirement, however.</p> <h3>Subsequent notification requirements</h3> <p>The <strong>subsequent notification requirements are more open-ended</strong>. In whatever form it takes, such notification should be “regular (e.g. daily)”, although OSFI may issue more specific requirements in specific cases. The regular updates should continue until the incident is contained or resolved and are expected to include both short-term and long-term remediation actions and plans. A post-incident review, including “lessons learned” should also be submitted at an appropriate time.</p> <h3>Failure to report</h3> <p>Failure to report incidents as required can now lead to <strong>specific consequences</strong>, such as increased supervisory oversight, e.g. enhanced monitoring of a FRFI’s activities, or watch-listing or staging of the FRFI (among other potential consequences).</p> <h2>Cyber Security Self-Assessment</h2> <p>The Cyber Security Self-Assessment (“Self-Assessment”) <strong>assists the FRFI in identifying areas of potential vulnerability to cyber incidents</strong> and addresses both incident prevention and incident response. Changes in the <a rel="noopener noreferrer" rel="noopener noreferrer" target="_blank" href="https://www.osfi-bsif.gc.ca/Eng/fi-if/in-ai/Pages/cbrsk.aspx">revised version</a> were designed in part to reflect recent rapid growth in financial services digitization. While not mandatory, the Self-Assessment will supplement OSFI’s forthcoming guidance for the sound management of technology and cyber risk, referred to in the <a rel="noopener noreferrer" rel="noopener noreferrer" target="_blank" href="https://www.osfi-bsif.gc.ca/Eng/fi-if/in-ai/Pages/prupol-let.aspx">Near-Term Plan of Prudential Policy</a>, issued on May 6, 2021.</p> <p>The Self-Assessment encompasses <strong>90 “control statements” </strong>such as “The FRFI conducts regular reviews of the cyber risk strategy and cyber risk framework, to ensure compliance with legal and regulatory requirements” (no. 3). The control statements are divided into the following categories:</p> <ul> <li>Planning and strategy</li> <li>Policy</li> <li>Risk management</li> <li>Business environment</li> <li>Asset management</li> <li>Risk assessment</li> <li>Identity management and access control</li> <li>Network security</li> <li>Data security</li> <li>Vulnerability management</li> <li>Change and configuration management</li> <li>Monitoring and logging</li> <li>Benchmarking, reviews and assessments</li> <li>Secure software development</li> <li>Incident management</li> <li>Testing and planning</li> <li>Continuous improvement</li> <li>Security education</li> <li>Governance and management</li> <li>Cloud service providers</li> </ul> <p>In completing the Self-Assessment, the <strong>FRFI will rate each control statement on a scale from 0-5</strong> with respect to “cyber security maturity”. The data produced by this exercise will help the FRFI focus its future cyber security planning on its most pressing areas of deficiency.</p> <h2>Next Steps</h2> <p>Steps that FRFIs should consider in light of the New Advisory include (among others):</p> <ul> <li>Assessing the implications of the changes to the reporting standards in the New Advisory on their internal procedures;</li> <li>Reviewing and (if necessary) updating supplier and outsourcing agreements to ensure compliance with the new requirements; and</li> <li>Undergoing a Cyber Security Self-Assessment based on the new template.</li> </ul>01-Sep-2021 07:55:00{E5F84980-236E-4583-83F7-5C3B2EA32340}https://stikeman.com/en-ca/kh/financial-services/regulation-of-retail-investment-funds-in-canada-what-you-need-to-knowDarin R. Rentonhttps://stikeman.com/en-ca/people/r/darin-r-rentonFinancial Services UpdateCanadian Securities LawRegulation of Retail Investment Funds in Canada: What You Need to Know<p>Two members of our <a href="/en-ca/expertise/investment-funds-asset-management">Investment Funds & Asset Management Group</a>, <a href="/en-ca/people/r/darin-r-renton">Darin Renton</a> and Malcolm Peck-McQueen, recently updated their <a href="/-/media/files/kh-general/retail-investment-funds-in-canada---regulatory-overview.ashx">“Retail Investment Funds in Canada: Regulatory Overview”</a> chapter for publication in Thomson Reuters’ <em>Practical Law Global Guide 2021: Investment Funds</em>. The chapter provides an overview of Canadian legal and regulatory issues affecting retail investment funds, as follows:</p> <ul> <li>Structure of Canada’s retail funds market;</li> <li>Statutes, regulatory bodies and legislation;</li> <li>Requirements for fund managers and operators;</li> <li>Marketing of retail funds;</li> <li>Investment and borrowing restrictions;</li> <li>Restrictions on redemption, transfer or assignment of interests;</li> <li>Periodic reporting requirements;</li> <li>Tax treatment of retail funds; and</li> <li>Proposals for regulatory reform.</li> </ul> <p>We are pleased to be able to make this <a href="/-/media/files/kh-general/retail-investment-funds-in-canada---regulatory-overview.ashx">11-page publication</a> available for downloading.</p>16-Jul-2021 03:14:00{B6007FB2-383A-43E6-94E8-CF2A70E572B6}https://stikeman.com/en-ca/kh/financial-services/bank-loan-and-debt-securities-a-canadian-q-aJennifer G. Leggehttps://stikeman.com/en-ca/people/l/jennifer-g-leggeKelly Niebergallhttps://stikeman.com/en-ca/people/n/kelly-niebergallFinancial Services UpdateCorporations & Commercial Law UpdateCanadian Structured Finance LawBank Loan and Debt Securities: A Canadian Q&A<p>Two Toronto-based lawyers in our <a href="/en-ca/expertise/banking-finance">Banking & Finance Group</a>, <a href="/en-ca/people/l/jennifer-g-legge">Jennifer G. Legge</a> and <a href="/en-ca/people/n/kelly-niebergall">Kelly Niebergall</a>, recently updated their Canadian chapter of <a href="/-/media/files/kh-general/loans--secured-financing-2022--canada.ashx">Loans & Secured Financing</a>, published by <em>Lexology</em>. This publication is part of the <em>Getting The Deal Through</em> series and provides an excellent overview of the legal aspects of Canada’s commercial lending and secured financing markets, including the following topics:</p> <ul> <li>Market framework;</li> <li>Capital, liquidity and disclosure requirements;</li> <li>Cross-border lending;</li> <li>Security interests and guarantees;</li> <li>Intercreditor matters;</li> <li>Documentation and terms; and</li> <li>Developments and emerging trends.</li> </ul> <p>We are pleased to be able to make this <a href="/-/media/files/kh-general/loans--secured-financing-2022--canada.ashx">8-page publication</a> available for downloading.</p>15-Jul-2021 02:22:00{D9EDF8C8-6176-401B-B0E5-C9C8123F4A8F}https://stikeman.com/en-ca/kh/financial-services/ontario-court-of-appeal-clarifies-requirements-for-foreclosure-on-investment-property-under-the-personal-property-security-actFinancial Services UpdateOntario Court of Appeal Clarifies Requirements for Foreclosure on Investment Property under the Personal Property Security Act<p>In its recent decision in <a rel="noopener noreferrer" target="_blank" href="https://www.canlii.org/en/on/onca/doc/2021/2021onca221/2021onca221.pdf"><em>Atlas (Brampton) Limited Partnership v. Canada Grace Park Ltd.</em></a>, 2021 ONCA 221, the Ontario Court of Appeal (ONCA) clarified the requirements for foreclosure on investment property under the <a rel="noopener noreferrer" target="_blank" href="https://www.ontario.ca/laws/statute/90p10"><em>Personal Property Security Act</em> (Ontario)</a> (the PPSA). The decision confirmed that a secured creditor’s right under Section 17.1(2) of the PPSA to “sell, transfer, use or otherwise deal” with investment property over which it has control does not include an independent right of foreclosure without notice. A secured creditor that wishes to foreclose on such collateral must comply with the applicable procedural requirements in Part V of the PPSA. However, the ONCA also underscored the need for courts to take a flexible approach to the foreclosure notice requirements where a clear intention to retain collateral in satisfaction of the debt has been demonstrated to the debtor in advance of the foreclosure.</p> <h2>Background</h2> <p>The principals of Romlex International Ltd. and Canada Grace Park Ltd. incorporated Atlas Springbank Developments Ltd. (Atlas Springbank) in connection with a plan to develop certain commercial real estate. Romlex held 55% of Atlas Springbank’s shares (the Pledged Shares) and Canada Grace held the remaining 45%.</p> <p>For reasons not disclosed in the decision, Atlas Springbank made a loan to Atlas (Brampton) Limited Partnership (Atlas Brampton), a limited partnership owned by the principal of Romlex. Atlas Brampton promptly defaulted on the loan by failing to make its first interest payment.  Atlas Springbank, Romlex, Atlas Brampton and Canada Grace, among others, entered into an agreement (the Security Agreement) pursuant to which Romlex agreed to pledge the Pledged Shares to Canada Grace and agreed that the Pledged Shares would be “transferred” to Canada Grace for the nominal sum of $2 upon (further) default by Atlas Brampton, thereby allowing the principal of Canada Grace to take complete ownership and control of Atlas Springbank. (Presumably, there was some disagreement between the principals of Romlex and Canada Grace with respect to the loan arrangement, which gave rise to the security being granted to Canada Grace, although there is no mention of this in the decision.)</p> <p>Atlas Brampton again promptly defaulted by (i) being put into receivership by a third party almost simultaneously with the execution of the Security Agreement and then (ii) subsequently failing to pay the balance of the loan when it came due. In response, Atlas Springbank’s solicitor sent a notice of default (the Notice of Default) informing the principal of Romlex that she had transferred the Pledged Shares to Canada Grace pursuant to the Security Agreement.  Atlas Brampton, Romlex and the principal of Romlex (collectively, the Debtor Entities) applied to the Ontario Superior Court of Justice (SCJ) for, among other relief, (i) a declaration that the transfer of the Pledged Shares to Canada Grace was null and void and (ii) an order that they were entitled to prior notice of Canada Grace’s intention to foreclose on the Pledged Shares and an opportunity to redeem the Pledged Shares.</p> <h2>The Decision of the Superior Court of Justice</h2> <p>The SCJ considered whether Canada Grace had complied with the requirements for “disposal” set out in Part V and held that it had not, with the result that it was not entitled to exercise that remedy under the PPSA. However, relying on the decision in <a rel="noopener noreferrer" target="_blank" href="https://www.canlii.org/en/on/onsc/doc/1992/1992canlii7590/1992canlii7590.pdf"><em>Harry D. Shields Ltd. v. Bank of Montreal</em></a>, 7 O.R. (3d) 57, the SCJ held that Canada Grace was entitled to exercise remedies contracted for in the Security Agreement and that an independent right amounting to foreclosure was contained in the Security Agreement. The Debtor Parties appealed.</p> <h2>Issues on Appeal</h2> <p>The ONCA addressed the following issues in its analysis on appeal:</p> <ul> <li>What was the nature of Canada Grace’s security interest in the Pledged Shares (i.e., did the Security Agreement give Canada Grace control over the uncertificated Pledged Shares)?</li> <li>Did section 17.1(2) of the PPSA permit Canada Grace to foreclose on the Pledged Shares?</li> <li>Did Part V of the PPSA permit Canada Grace to foreclose on the Pledged Shares?</li> </ul> <h2>The Decision of the Ontario Court of Appeal</h2> <h3>Canada Grace had control over the Pledged Shares</h3> <p>Canada Grace argued that it had control over the Pledged Shares and was therefore entitled, pursuant to section 17.1(2) of the PPSA, to take the Pledged Shares in satisfaction of the debt. The ONCA reviewed the applicable principles governing “control” of uncertificated securities under the <a rel="noopener noreferrer" target="_blank" href="https://www.ontario.ca/laws/statute/06s08"><em>Securities Transfer Act, 2006</em> (Ontario)</a> (the STA). Adopting a functional approach, the ONCA noted that a control agreement need not take a particular form. The court held that a power of attorney clause in the Security Agreement<a href="#_ftn1" name="_ftnref1"><sup>[1]</sup></a> constituted the agreement of the issuer of the shares to take instructions from the secured party without the further consent of the pledgor and was sufficient to give Canada Grace control of the pledged shares given that the issuer of the pledged shares, the registered owner and the secured party, among others, were party to the agreement.</p> <h3>A secured creditor is not entitled to foreclose on investment property pursuant to section 17.1(2) of the PPSA without notice</h3> <p>The Debtor Entities argued that Canada Grace, as a secured creditor, could not foreclose on collateral without following the procedure set forth in Part V of the PPSA. In contrast, Canada Grace argued that, as a secured creditor with control over investment property, it was entitled under section 17.1(2) of the PPSA to deal with the Pledged Shares in accordance with the Security Agreement and need not comply with the foreclosure requirements in Part V. The Security Agreement did not contain any notice requirements for foreclosure nor any right of redemption.</p> <p>Since section 17.1(2) of the PPSA does not explicitly include acceptance (i.e., foreclosure) of investment property collateral in satisfaction of the debt secured by the security agreement, the question for the ONCA was whether the right to “sell, transfer, use or otherwise deal” in section 17.1(2) includes a right of foreclosure.</p> <p>The ONCA concluded that section 17.1(2) (and, in particular, the phrase “otherwise deal” therein) does not permit foreclosure on investment property free of compliance with Part V of the PPSA for the following reasons:</p> <ol> <li>The section 17.1(2) exception to the general enforcement scheme in Part V of the PPSA must be construed narrowly since it runs contrary to the debtor protection elements of Part V;</li> <li>The principle of implied exclusion and a plain reading of the words “sell, transfer, use or otherwise deal” excludes a power of foreclosure because the legislature would have included foreclosure if it intended for such remedy to be available under section 17.1(2), particularly given its extensive treatment of foreclosure in Part V;</li> <li>Reading foreclosure into “otherwise deal” does not fit well into the debtor protection statutory scheme governing foreclosure in Part V of the PPSA because the Part V process allows the debtor to object and obtain a better result by way of a sale instead and the words “otherwise deal” are not sufficiently precise to displace this mechanism; and</li> <li>Permitting foreclosure under section 17.1(2) would be inconsistent with the purposes underlying such provision (i.e., easing capital market transactions, derivatives and margin trading) because the Security Agreement does not engage the complexities of the indirect holding system or place Canada Grace in the same position as a broker or securities intermediary who must dispose of investment property quickly to liquidate depreciating accounts.</li> </ol> <p>Therefore, a secured creditor with control over investment property must comply with the foreclosure procedure in Part V of the PPSA if it wishes to foreclose on such collateral. </p> <h3>Canada Grace complied with the PPSA Part V requirement for foreclosure</h3> <p>Having concluded that Part V applied to Canada Grace’s foreclosure on the Pledged Shares, the ONCA next considered whether Canada Grace had complied with the Part V requirements. On this question the ONCA also clarified the approach to be taken when evaluating the sufficiency of a foreclosure notice under the PPSA.</p> <p>Part V of the PPSA requires the secured creditor to give notice of its proposal to accept collateral in satisfaction of a secured obligation by serving the notice on certain persons, including the debtor, the owner of the collateral, and every person who has a security interest in the collateral. However, the PPSA does not set out the required contents of such notice. To clarify this area of the law, the ONCA noted that a foreclosure notice should ordinarily expressly cite the PPSA and include:</p> <ul> <li>the amount of the secured obligation;</li> <li>a description of the collateral;</li> <li>expression of the clear intention to retain the collateral <span style="text-decoration: underline;">in satisfaction of the debt</span> (and not as continuing security); and</li> <li>an indication that the parties receiving notice have 15 days to object.</li> </ul> <p>However, the ONCA also recognized that, especially in the absence of express content requirements in the PPSA and in light of the functional approach courts must take when interpreting the PPSA, foreclosure notices should not be strictly evaluated against such criteria in every case. The ONCA stated that where “the secured creditor’s intention to foreclose on the collateral is clear in the circumstances, even when one or more of [the above] elements is absent, and the debtor is under no illusion about the consequences of failing to pay… it is not unfair to expect the debtor to attempt to redeem the collateral within 15 days.”</p> <p>Canada Grace submitted at least five communications with the Debtor Entities that it argued constituted adequate notice under Part V of the PPSA, including a letter from Canada Grace’s solicitor demanding Romlex transfer the Pledged Shares to Canada Grace (in response to the receivership default), a note from the principal of Romlex confirming that Romlex would transfer the Pledged Shares, subsequent demands for transfer from Canada Grace’s solicitor and the Notice of Default. The ONCA considered each notice other than the Notice of Default as individually inadequate but, when taken together, adequate to indicate Canada Grace’s intent to effect the transfer of the Pledged Shares pursuant to the Security Agreement if Atlas Brampton’s default was not remedied.</p> <p>The Debtor Entities argued that the Notice of Default was deficient for not expressly stating Canada Grace’s intention to retain the Pledged Shares and offering Romlex an opportunity to redeem them.  However, the ONCA considered the context and words of the communications from Canada Grace as the default continued and concluded that the Debtor Entities were aware of Canada Grace’s intention to foreclose and the consequences of failing to redeem.  The court also noted that at no point did the Debtor Entities tender fulfilment of the loan or provide evidence of Atlas Brampton’s ability to repay the loan. Accordingly, Canada Grace was held to have provided adequate notice of foreclosure in the circumstances, and the foreclosure on the Pledged Shares was upheld.</p> <h2>Takeaways</h2> <p><em>Atlas (Brampton) </em>helpfully clarifies the enforcement remedies available to secured creditors with control over investment property. While the ONCA’s interpretation of section 17.1(2) restricts a secured creditor’s ability to foreclose on investment property by mandating compliance with Part V of the PPSA, the decision provides welcome guidance on the content of an adequate foreclosure notice under the PPSA. Secured creditors seeking to foreclose on collateral can take comfort in the ONCA’s pronouncement that a foreclosure notice that includes the details cited in <em>Atlas (Brampton)</em> “would be difficult to attack on the ground of sufficiency.” Moreover, the functional approach to evaluating adequacy of a foreclosure notice adopted by the ONCA may assist a foreclosing creditor whose notice is deficient but where the creditor’s intention to foreclose is clear in the circumstances. The decision made clear that the ONCA’s functional approach would likely assist a creditor only in those situations where, as was the case with Romlex, the debtor is clearly aware of the consequences of failing to pay the secured obligation.</p> <hr /> <p><a href="#_ftnref1" name="_ftn1">[1]</a> The text of the relevant provision in the Security Agreement was as follows (emphasis added by the ONCA):</p> <p style="padding-left: 30px;">“3. Considering the risks to Canada Grace, as the shareholder of the Lender, caused by the Borrower’s performance under the Loan Agreement, Romlex agrees to pledge all Romlex’s Share of Lender and any further shares issued, rights and interest entitled (collectively the “Pledged Shares”) to the Canada Grace [sic]. If the Borrower becomes default [sic] for any reason, the Pledged Shares shall be transferred to Canada Grace at $2 nominal costs (the “Share Transfer”), the receipt of payment of such $2 nominal costs is hereby confirmed by Romlex.<br /> <br /> To effect such Shares Transfer, all parties agrees that:</p> <p style="padding-left: 60px;">…(3) Romlex shall provide its cooperation to facilitate such Shares Transfer and removal of the Guarantor as director and officers; <span style="text-decoration: underline;">Romlex hereby provides its irrevocable power of attorney to [the principal of Canada Grace] to sign relevant documents for Romlex to effect such Shares Transfer and removal, although signing such documents is not required under this agreement</span>.”</p>10-May-2021 06:25:00{FE54DFD0-A2EE-422E-B2EA-BACDD89BDB96}https://stikeman.com/en-ca/kh/financial-services/asset-management-industry-in-canada-an-updated-guideStikeman ElliottFinancial Services UpdateCanadian Securities LawCanadian Structured Finance LawAsset Management Industry in Canada: An Updated Guide<p>Two members of our Financial Products and Services Group - <a href="/en-ca/people/d/alix-d-anglejan-chatillon">Alix d’Anglejan-Chatillon</a> and <a href="/en-ca/people/e/jeffrey-r-elliott">Jeffrey Elliott</a> - recently authored the <a href="/-/media/files/kh-general/the-asset-management-review---canada-chapter-2020.ashx">Canadian chapter</a> of <em>The Asset Management Review</em> (9<sup>th</sup> ed.), published by Law Business Research Ltd. This publication provides an excellent overview of Canadian law affecting the asset management industry.</p> <p>The topics discussed include the following:</p> <ul> <li>Canada’s <strong>securities regulatory framework;</strong></li> <li>Common <strong>asset management structures</strong> (corporations, trusts, LPs, retail and institutional funds);</li> <li>Main <strong>sources of investment</strong> (pension, insurance, endowments, mutual funds, etc.);</li> <li>Key <strong>trends</strong> (investor protection, cryptocurrency, robo advice, algorithmic trading, fintech, etc.);</li> <li>Sectoral <strong>regulation</strong> (insurance, pensions, hedge funds, private equity, etc.);</li> <li>The <strong>tax treatment</strong> of Canadian funds.</li> </ul> <p>We are pleased to be able to make this <a href="/-/media/files/kh-general/the-asset-management-review---canada-chapter-2020.ashx">26-page updated chapter</a> available for downloading.</p>29-Mar-2021 02:44:00