TORONTO — The head of the Investment Industry Association of Canada says the risk of cyberattacks is being amplified by the significant outsourcing done by investment dealers and asset managers.
Ian Russell told attendees at an Empire Club of Canada luncheon on Thursday in Toronto that firms’ financial integrity and cybersecurity may not be matched by third-party vendors hired to enhance efficiencies, compensate for scale and reduce costs.
To remedy this, he says regulators within Canada need to co-operate and co-ordinate across the financial sector, involving insurance, banking and securities firms.
Russell says a positive example of such co-operation is the information-sharing memorandum recently forged between the Financial Consumer Agency of Canada — the independent government agency that enforces consumer protection legislation — and the Investment Regulatory Organization of Canada, a national self-regulating organization for investment dealers that sell stocks, bonds and other securities to consumers.
This formal co-operation between the two groups sets a framework for compliance and enforcement of rules, and suggests a more active rule-making and requirement regime at the FCAC, Russell says.
Such rule-making will in turn require greater interaction between bank and securities regulators, he adds.
Russell also says the newly established Financial Services Regulatory Authority in Ontario will develop detailed regulations for the insurance industry and other financial institutions operating in the province.
“It is important that these banking and insurance regulators co-operate with securities regulators to ensure similar rules for similar retail activities,” he says.
The Canadian Press