In Regulatory Wrap for the week to February 7, 2025:
In this week’s Regulatory Wrap, we touch on the main themes covered in CIRO’s 2025 Annual Compliance Report, particularly cybersecurity, third-party risk, and social media.
Regulatory wrap episode 52: CIRO’s 2025 compliance priorities
In Regulatory Wrap for the week to February 7, Kathryn Fallah discusses the newly-established Canadian Investment Regulatory Organization (CIRO) and its 2025 Annual Compliance Report.
Highlights:
1. In wake of increasingly common cyberthreats, CIRO emphasizes that firms should report incidents that meet certain criteria and implement sound protocols
2. Firms should also “assess risks at all stages,” which includes potential risk avenues introduced by third-party providers
3. As social media grows as a business communications tool, CIRO states that firms should create policies that permit the use of social media
4. Alongside permitting social media, firms should establish guidelines for interacting with clients and retain all social media communications
5. CIRO’s priorities match those we’ve seen from the Securities and Exchange Commission, namely the continued focus on cybersecurity and third-party risk
This week’s episode is brought to you by our Content Writer, Kathryn Fallah.
With pertinent topics like social media, third-party risk, and cybersecurity at the top of North American regulators’ lists, firms should ensure they’re strengthen policies and evaluating third-party security to maintain compliance expectations.
