Take the diagnosticDownload PDF

Free cheat sheet

RSE Suitability Checklist Cheat Sheet

The RSE (Retail Securities Exam) under the CIRO Proficiency Model places heavy weight on suitability, KYC obligations, and account-opening procedures. This sheet covers the complete KYC trigger event list, NI 31-103 requirements by section, the CIRO Rule 3401 and 3402 framework, concentration analysis, risk tolerance vs risk capacity, and pre-trade disclosure requirements. Rule citations are verified as of 2026-05-08; verify current CIRO Dealer Member Plain Language Rules for any amendments.

1. KYC Trigger Events (16-Point Checklist)

Under NI 31-103 §13.2 and CIRO Rule 3400 series, a registrant must update KYC information promptly when a trigger event occurs. The following events require a KYC refresh. Memorize all 16.

  1. Significant change in household income (increase or decrease)
  2. Change in number of dependants (birth, adoption, death, dependent leaving household)
  3. Change in investment objectives (shift from growth to income, or income to growth)
  4. Change in risk tolerance stated by the client
  5. Change in risk capacity (ability to absorb losses changes independently of stated tolerance)
  6. Marriage or entry into a common-law partnership
  7. Separation or divorce
  8. Approaching retirement or actual retirement date
  9. Receipt of a significant inheritance or windfall
  10. Diagnosis of a serious illness affecting financial capacity or time horizon
  11. Change in employment status (job loss, promotion, self-employment)
  12. Business sale or purchase materially affecting net worth
  13. Change in investment time horizon (e.g., client reveals a shorter need for funds)
  14. Death of a spouse or primary beneficiary
  15. Change in tax status or residency (moving to a different province or country)
  16. Registrant has reason to believe the client's circumstances have changed materially

Note: the obligation to update KYC is ongoing, not limited to a fixed review schedule. A registrant who becomes aware of a trigger event must act on it even if the client does not initiate the conversation.

2. NI 31-103 §13.2 - Mandatory KYC Content

The registrant must take reasonable steps to collect the following information before making a suitability determination. This list is exhaustive for exam purposes.

KYC elementDetails
IdentityFull legal name, date of birth, address - verified per PCMLTFA rules
Investment objectivesGrowth, income, preservation of capital, or combination; with percentage weightings
Time horizonShort (<3 years), medium (3-10 years), long (>10 years)
Risk toleranceClient's willingness to accept risk; often captured as low/medium/high or on a numeric scale
Risk capacityClient's financial ability to absorb losses; determined by income, assets, liabilities, obligations
Annual incomeTotal gross household income from all sources
Net worthTotal assets minus total liabilities; often split into liquid and non-liquid
Investment knowledgeSelf-assessed: none, limited, fair, good; relevant to product complexity suitability
Other accounts and holdingsAccounts at other institutions to assess total portfolio concentration (account-as-a-whole)

3. NI 31-103 §13.4 - Outside Business Activity (OBA) Disclosure

A registered individual must disclose any outside business activity to their registered dealer employer before engaging in the activity. The dealer reviews the activity and either approves, prohibits, or imposes conditions on it.

What must be disclosed: Any business activity outside the scope of the registrant's duties for the registered dealer, including directorships, officer roles, other employment, consulting engagements, and any activity that could create a conflict of interest or involve securities.

Three-party disclosure structure:

  1. Registered individual discloses the OBA to their employer (the registered dealer)
  2. The registered dealer must be satisfied the OBA does not create a conflict of interest that cannot be managed
  3. Where required, the OBA is disclosed to the client if it creates a material conflict of interest

Exam gotcha: The registrant discloses to the employer first, not to the regulator. The regulator is not the first point of disclosure. Failing to disclose an OBA to the employer is itself a compliance violation.

4. NI 31-103 §13.5 - Personal Financial Dealings Prohibitions

Section 13.5 prohibits a registrant from engaging in certain personal financial dealings with clients because these dealings create conflicts of interest that cannot be adequately managed through disclosure alone.

Prohibited dealings include:

  1. Borrowing money or securities from a client (except from certain permitted financial institutions)
  2. Lending money or securities to a client (except through the registered dealer's normal margin account facility)
  3. Entering into an arrangement where the registrant's compensation depends on the client's returns in a way not disclosed and approved through the dealer
  4. Accepting gifts, benefits, or loans from a client that could reasonably be seen to influence the registrant's conduct

Power of attorney: A registrant who holds power of attorney over a client's account faces heightened supervision requirements. The dealer must have procedures to review all transactions made under a power of attorney to detect exploitation of vulnerable clients.

5. CIRO Rule 3401 - Account-Opening Approval Flowchart

Step-by-step account approval process under CIRO Rule 3401:

  1. Collect KYC information - all NI 31-103 §13.2 data points gathered before any recommendations made
  2. Determine account type - cash account, margin account, options account, short-selling account. Each type requires progressively higher approval thresholds
  3. Assess client suitability for the account type - options trading requires demonstrated investment knowledge and risk tolerance; margin requires sufficient net worth
  4. Branch manager review and approval - required for all margin accounts, options accounts, and short-selling accounts; cash accounts may be approved at the registered rep level subject to firm policy
  5. Specific risk disclosure documents delivered - Margin Account Agreement and Disclosure Document before first margin trade; Options Risk Disclosure Document before first options trade
  6. Client acknowledges receipt of disclosures - signed acknowledgement filed in the account record
  7. Account activated - trading permitted only within the approved account type and suitability profile

Elevated approval requirements:

  • Margin accounts: branch manager approval required; minimum net worth thresholds per firm policy
  • Options Level 1 (covered calls, protective puts): lower knowledge bar but still requires manager sign-off
  • Options Level 2 (spreads): requires demonstrated options knowledge
  • Options Level 3 (naked shorts): highest approval bar; manager plus potential compliance sign-off
  • Short selling: must comply with UMIR 3.3 (locate requirement before shorting)

6. CIRO Rule 3402 - Account-as-a-Whole Suitability Framework

Rule 3402 requires that suitability be assessed at the account level (account-as-a-whole), not just at the individual trade level. A single trade may be appropriate in isolation but inappropriate in the context of the client's total holdings.

Triggers for a Rule 3402 account-as-a-whole review:

  1. At account opening
  2. Before any trade recommendation
  3. When a KYC trigger event occurs
  4. When the registrant becomes the account's registered representative (through transfer or internal reassignment)
  5. At periodic reviews per the dealer's supervisory policy

What a Rule 3402 analysis considers: Concentration by asset class, sector, geography, and single issuer; alignment of holdings with stated investment objectives; overall risk level vs the client's risk profile; liquidity of the portfolio relative to the client's time horizon; cost of the portfolio relative to the client's situation.

7. Concentration Thresholds and Risk Tolerance vs Risk Capacity

Concentration thresholds (CIRO guidance, not statutory):

  • Single-issuer concentration above 10% of portfolio warrants documentation and client discussion
  • Single-issuer concentration above 20% of portfolio is considered acute concentration requiring explicit justification in the account file and heightened supervisory review
  • Sector concentration above 30-40% warrants review under most dealer policies (check current dealer manual - thresholds are firm-specific above the CIRO minimums)

Risk tolerance vs risk capacity - the lower governs:

Risk tolerance = the client's willingness to accept volatility and potential loss; subjective and self-reported.

Risk capacity = the client's objective financial ability to absorb a loss without impairing financial goals or living standards; derived from income, net worth, liabilities, time horizon.

When tolerance and capacity differ: always use the lower of the two as the effective risk level for recommendations. A client who says they can accept high risk (high tolerance) but has low capacity (approaching retirement, limited savings, large liabilities) must be treated as a low-risk client for suitability purposes.

Exam gotcha: this is tested in scenario form. A client near retirement with a mortgage says they want aggressive growth. The correct action is to probe capacity, explain the mismatch, and document. The registrant should not simply accept the stated tolerance.

8. Pre-Trade Disclosure for Accounts Using Borrowed Funds

Before a client opens a margin account or uses borrowed funds to purchase securities, the registrant must deliver specific risk disclosures and obtain acknowledgement:

  1. Borrowing to invest is risky: the client can lose more than the amount invested if the securities decline in value
  2. The interest cost on borrowed funds is incurred regardless of portfolio performance
  3. The dealer has the right to issue a margin call and liquidate securities without prior notice
  4. Using borrowed funds magnifies both gains and losses in proportion to the debt-to-equity ratio
  5. The client acknowledges reading the Margin Account Agreement and Disclosure Document

Minimum margin requirements (CIRO): 50% margin on most listed Canadian equities. Higher margin (up to 100%) for lower-priced or restricted securities. Concentrated single-issuer positions may face higher house margin requirements. Note: "margin" here refers to the client's equity in the account as a percentage of the total market value of marginable securities.

Test Yourself: 5 RSE Suitability Questions

Q1. Under NI 31-103 §13.4, who is the first party a registrant must disclose an outside business activity to?

Show answer

The registered dealer (employer). The registrant discloses to the firm before engaging in the OBA. The firm then reviews and decides whether to approve, prohibit, or impose conditions. Disclosure to the client or regulator comes only if the dealer determines it is required.

Q2. A client's portfolio has 25% concentrated in a single mining company. What is required?

Show answer

At 25%, the position exceeds the 20% acute concentration threshold. The registrant must document explicit justification in the account file and the account requires heightened supervisory review. The registrant should discuss the concentration risk with the client and ensure the KYC file supports this level of concentration.

Q3. A client states a high risk tolerance on their KYC form but is 63 years old, will retire in 2 years, has $200,000 in savings, and a $180,000 mortgage. What effective risk level governs recommendations?

Show answer

Low risk. The client's risk capacity is low: short time horizon, large debt relative to savings, imminent retirement income need. Risk tolerance and capacity are in conflict; the lower (capacity = low) governs. The registrant must document the mismatch and recommend accordingly.

Q4. Under CIRO Rule 3402, when must an account-as-a-whole suitability review be conducted?

Show answer

At account opening; before any trade recommendation; upon a KYC trigger event; when the registrant becomes the account's rep (transfer or reassignment); at periodic reviews per dealer supervisory policy.

Q5. Which account type requires branch manager approval and delivery of the Options Risk Disclosure Document before the first trade?

Show answer

An options account under CIRO Rule 3401. The Options Risk Disclosure Document must be delivered and acknowledged before the first options trade. Branch manager approval is required regardless of options level. Margin accounts also require manager approval and delivery of the Margin Account Agreement.

Related Cheat Sheets

KYC + KYP Checklist

Mandatory KYC fields, KYP at firm and rep levels, product due diligence

Supervisor Branch Procedures

CIRO Rule 3300, trade review thresholds, complaint handling, AML

CIRO Rule Citations

Every CIRO, UMIR, NI rule number with plain-English summaries

CIRE Formula Cheat Sheet

Quantitative formulas for the CIRE exam

Last updated: 2026-05-08. NI 31-103 section references confirmed against the current OSC/CSA consolidated version. CIRO Rule 3401 and 3402 references are to the IDPC Dealer Member Plain Language Rules. Verify current CIRO rules at ciro.ca for any post-publication amendments.