Le 18 juin 2020, les Autorités canadiennes en valeurs mobilières ont annoncé l'adoption de modifications aux règles du marché dans le but de simplifier les obligations de déclaration et d'instaurer des exigences spécifiques concernant la résilience cybernétique.

Ce billet est disponible en anglais seulement.

On June 18, 2020, the Canadian Securities Administrators (CSA) announced the adoption of amendments to marketplace rules to streamline reporting obligations and introduce specific requirements regarding cyber resilience.

Specifically, in order to reduce the regulatory burden on marketplaces, amendments to National Instrument 21-101 Marketplace Operation include eliminating the need for marketplaces to report certain information (for example the requirement to report historical employment information for partners, directors and officers) and changing the timelines respecting the reporting of certain other information (for example changing the requirement to file non-significant amendments to information provided in Form 21-101F1 or Form 21-101F2 from monthly to quarterly).

The amendments also explicitly add cyber resiliency to the list of systems of internal control that marketplaces must develop and maintain, similar to the recent changes made to National Instrument 24-102 Clearing Agency Requirements. The rules will now also specifically require that marketplaces maintain records of security incidents, whether considered material or not. Further, while the requirement to notify regulatory authorities applies only in regards to material incidents, the amended Companion Policy will now state that regulators may request information regarding to all security incidents, whether material or not.

Assuming ministerial approvals, the amendments will come into force on September 14, 2020.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.