Canada: Banking Regulation 2018 - 5th Edition

Last Updated: April 26 2018
Article by Darcy Ammerman, Tayleigh Armstrong and Pat Forgione

Banks in Canada have been continuously recognised as amongst the soundest and safest across the globe.  Notwithstanding, the global financial crisis has led to a series of significant regulatory changes (most notably in the areas of liquidity and capital) designed to reduce the risk of another global financial crisis occurring, to which Canadian banks are already or will become subject, to ensure that they will continue to be well-positioned for any risks going forward.

Regulatory architecture: overview of banking regulators and key regulations

Banking in Canada falls under federal jurisdiction such that the Parliament of Canada has legislative authority over "Banking, Incorporation of Banks, and the Issue of Paper Money".  The primary piece of legislation that governs banking in Canada is the Bank Act and its regulations.

Banks in Canada are supervised by multiple regulators, with the Office of the Superintendent of Financial Institutions (OSFI) responsible for prudential regulation, and the Financial Consumer Agency of Canada (FCAC) responsible for consumer protection.  OSFI regulates and supervises all banks under its supervisory framework, develops and interprets legislation, and issues guidelines.  The FCAC ensures that federally regulated financial institutions (FRFIs) comply with consumer protection measures, and helps to keep consumers informed.  FCAC's Compliance and Enforcement Branch investigates and evaluates possible concerns, and has the power to enforce compliance.

Several other regulatory bodies are also involved in regulating banks in Canada.  The Department of Finance helps the government develop and implement financial sector policy and legislation.  The Bank of Canada, which is owned by the federal government, helps to keep inflation low, promotes efficient banking systems, is responsible for currency, and is a fiscal agent for the government.  Canadian Payments Association (d.b.a. Payments Canada) (PC) runs the national clearing and settlement system in Canada.  The Canada Deposit Insurance Corporation (CDIC) provides deposit insurance to all member institutions (which includes all major Canadian banks) against the loss of eligible deposits in the event of failure.  The Financial Transactions and Reports Analysis Centre of Canada (FINTRAC) helps to protect Canada's financial system by detecting and deterring money laundering and terrorist financing under the Proceeds of Crime (Money Laundering) and Terrorist Financing Act and its regulations.  The Ombudsman for Banking Services and Investments (OBSI) is an independent and impartial body that resolves disputes between banks and their customers when a bank is not able to resolve the dispute internally.  The Canadian Bankers Association helps to ensure Canada has a successful banking system by advocating for effective policies and working with banks and law enforcement to protect Canadians against financial crimes.  Banks in Canada also need to ensure compliance with privacy legislation, which is enforced by the Office of the Privacy Commissioner of Canada, who has the power to investigate complaints, conduct audits, and pursue court action.  Finally, the Financial Institutions Supervisory Committee, whose membership consists of OSFI, the Bank of Canada, the Department of Finance, CDIC and FCAC, meets to discuss, coordinate, and advise the federal government on issues related to the Canadian financial system.

There are also three supranational regulatory bodies that are influential in Canadian banking.  The Bank for International Settlements (BIS), of which the Bank of Canada is a member, leads global regulatory work on financial systems across the globe.  The Basel Committee on Banking Supervision (Basel Committee) is made up of BIS members, and sets out to strengthen worldwide banking through the release of recommendations aimed at enhancing financial stability.  OSFI is a Basel Committee member and is committed to implementing its recommendations.  Lastly, the Financial Stability Board (FSB), which consists of G20 countries, monitors and makes recommendations related to the global financial system. 

Restrictions on activities

The Bank Act imposes ownership requirements on banks in Canada.  For instance, the Bank Act prohibits a person from being a major shareholder of a bank with equity of $12bn or more.  Banks with equity of more than $2bn but less than $12bn must have at least 35% of their shares with voting rights listed and posted on a recognised stock exchange and they must not be owned by a major shareholder.

Pursuant to the Bank Act, banks are only permitted to carry on the "business of banking" which includes activities such as providing financial services, acting as a financial agent, providing investment counselling, issuing payment, credit, or charge cards, etc.  Except when permitted by the Bank Act, banks may not "deal in goods, wares or merchandise or engage in any trade or other business".

The Bank Act also includes restrictions on undertaking fiduciary activities, guarantees of payment or repayment, dealing in securities, engaging in the insurance business, undertaking personal property leasing activities, and entering into partnerships.  Moreover, banks have restrictions on the types of investments they can make and are prohibited from investing in an entity that carries on some activities listed above or entities that deal in securities, except in certain circumstances.  Banks may invest in securities, but are restricted from making substantial investments (e.g. acquiring more than 10% interest in a non-bank entity) or in controlling certain types of entities.  Under s.468(1) of the Bank Act, banks may acquire control of, or make a substantial investment in other banks, trust or loan companies, insurance companies, cooperative credit societies and entities primarily engaged in dealing in securities.  However, certain investments nonetheless require the approval of OSFI or the Minister of Finance.

Banks are prohibited from imposing any undue pressure or coercion on any person to obtain a product or service.  Subject to certain exceptions, a bank cannot make a loan that contains conditions which prohibit the prepayment of the loan prior to the due date, nor require an initial minimum deposit or the maintenance of a minimum balance with respect to a retail account of an individual who meets certain prescribed conditions. 

Banks are also prohibited from entering into related party transactions, except as otherwise permitted under the Bank Act (for instance, if the value is "nominal or immaterial to the bank").

Recent, impending or proposed changes to the regulatory architecture

The banking architecture in Canada has continued to change to strengthen financial security and to incorporate international standards.  In August 2017, the Department of Finance released its second consultation paper, entitled Potential Policy Measures to Support a Strong and Growing Economy: Positioning Canada's Financial Sector for the Future. This paper launched the second phase of a renewal of Canada's federal financial institution statutes prior to the statutory sunset date of March 29, 2019. The statutes that may receive consideration in parliament include the Bank Act,the Cooperative Credit Associations Act, the Insurance Companies Act and the Trust and Loan Companies Act. The Department of Finance is focusing on four central themes in relation to its policy review; (i) supporting a competitive and innovative sector, (ii) improving the protection of bank consumers, (iii) modernising the framework, and (iv) safeguarding a stable and resilient sector.

To address the emergence of Fintech in the banking industry, the Department of Finance is exploring policy updates, including measures that: (i) clarify the powers of financial institutions to engage in Fintech business initiatives; (ii) facilitate a collaborative environment between federally regulated institutions and Fintech companies; and (iii) simplify and streamline the entry and exit frameworks for financial sector entrepreneurs, including Fintechs, to enter and exit the financial sector.

The Competition Bureau announced in May of 2016 that it had launched a market study on technology-led innovation in the Canadian financial services industry, assessing how consumer and business interactions with financial products and services are shaped by innovative technologies such as mobile payments, online crowdfunding, peer-to-peer banking and robo-advisors.  The study focuses on the competitive impact of new technologies with the aim of highlighting areas for regulatory reform to promote financial innovation while maintaining consumer protection. A final report is expected to be published by the Competition Bureau in late 2017.

In 2016, PC announced the adoption of an initiative to modernise Canada's payment structure by introducing a new internationally recognised payment standard, the ISO 20022.  Implementation of the new standard is part of a five-year strategic plan. The Industry Roadmap & High-Level Plan, representing the next phase of PC's strategic modernisation plan, was published in December 2016 and was open for feedback until January 2017.

In 2015, OSFI issued the final version of its advisory with respect to the early adoption of IFRS 9 for Domestic Systemically Important Banks (D-SIBs) (i.e., the six largest banks in Canada) requiring that D-SIBs adopt IFRS 9 for the annual period beginning on November 1, 2017.  A draft guideline released in March 2016 confirmed that smaller, less systemic, federally regulated entities (FREs) with annual periods ending October 31, 2017 can choose to adopt the standard on November 1, 2017 or wait until January 1, 2018 when all FREs with annual periods beginning January 1, 2018 are required to adopt the standard.  The final guideline, entitled IFRS 9 Financial Instruments and Disclosures, was released by OSFI on June 21, 2016.  IFRS 9 is a forward-looking approach which aims to improve issues arising from the method of accounting for financial instruments, simplify the existing rules and enhance investor confidence in the financial system in Canada.

OSFI has introduced several other changes and proposed changes recently.  In August 2016, OSFI released a guideline entitled Pillar 3 Disclosure Requirements, clarifying its expectations regarding domestic implementation by Canadian banks of the Revised Pillar 3 Disclosure Requirements issued by the Basel Committee in January of 2015. 5  In April of 2017, OSFI issued further clarification on the domestic implementation of Phase 1 of the revised Pillar 3 requirements for Canadian D-SIBs in its Pillar 3 Disclosure Requirements Guideline.  The implementation of the Revised Pillar 3 Disclosure Requirements by D-SIBS is expected for the reporting period ending October 31, 2018.  OSFI also: released the final version of Guideline E-22: Margin Requirements for Non-Centrally Cleared Derivatives in February, 2017(effective June, 2017) imposing mandatory margin requirements to all non-centrally cleared over-the-counter derivatives; issued a self-assessment template to assist institutions in assessing their practices against the principles outlined in OSFI's Guideline E-21: Operational Risk Management; issued a revised Standardized Approach (TSA) & Advanced Measurement Approach (AMA) self-assessment template; issued two letters to DTIs extending the domestic implementation of the Net Stable Funding Ratio (NSFR) initially set for January 1, 2018 and the minimum capital requirements for market risk(also known as the Fundamental Review of the Trading Book (FRTB)) agreed to by Basel Committee members in January 2016 by at least one year; and published 10 revised transaction instructions with respect to several different types of transactions that banks may be involved in.

Recent regulatory themes and key regulatory developments in Canada

Canadian banks are subject to the regulatory oversight of OSFI.  OSFI has publicly affirmed its commitment to participating in the development of international financial standards, and has been proactive in the adoption and implementation of the Basel III framework of the Basel Committee.  It is expected that the theme of principle-based regulation and individual institution oversight will continue in Canada, as well as the implementation of resolution regimes.

Residential mortgage underwriting

In October 2017, OSFI released a revised Guideline B-20 – Residential Mortgage Underwriting Practices and Procedures, which comes into effect in January 2018.  The revised Guideline outlines OSFI's enhanced expectations for all FRFIs engaged in residential mortgage underwriting and/or the acquisition of residential mortgage loan assets.  Under the Guideline, FRFIs must continue to develop strong underwriting policies, perform increased due diligence to record and assess the borrower's identity, background and demonstrated willingness to service his/her debt obligations on a timely basis, and develop effective credit and counterparty risk management practices and procedures that support residential mortgage underwriting and loan asset portfolio management.

Capital conservation buffer

To avoid breaches of minimum capital requirements, banks in Canada are now required to hold a capital conservation buffer.  These changes are set out in OSFI's Capital Adequacy Requirements (CAR) 2017 (CAR Guidelines), which revised the 2014 version.  Implementation was expected by November 1, 2016 for institutions with an October 31 year end, and January 1, 2017 for institutions with a December 31 year end.  The implementation process will continue until 2019, at which time the capital conservation buffer will be equal to 2.5% of a bank's risk-weighted assets.  Currently, banks in Canada are advised to maintain the minimum Common Equity Tier 1 capital ratio, Tier 1 capital ratio and total capital ratio plus the capital conservation buffer. In 2017, OSFI released draft revisions to the CAR Guidelines, which include changes implementing the amendments to Basel III finalised by the Basel Committee in October, 2016 in respect of holdings of instruments issued by Global Systemically Important Banks (G-SIBs), and changes related to the treatment of allowances as a result of the expected adoption of IFRS 9 by DTIs in 2018. 

Common Equity Tier 1 Surcharge

Consistent with the Basel Committee's Basel III framework, and as described above, OSFI has designated six Canadian institutions as D-SIBs: Bank of Montreal; Bank of Nova Scotia; Canadian Imperial Bank of Commerce; National Bank of Canada; Royal Bank of Canada; and Toronto-Dominion Bank of Canada.  These six D-SIBs account for approximately 90% of the total assets of Canada's federally regulated DTIs and must achieve compliance with heightened regulatory requirements.  The imposition of such requirements may offset the potential negative impact of any one D-SIB's failure.

As of January 1, 2016, D-SIBs are subject to a Common Equity Tier 1 Surcharge (CET1) equivalent to 1% of the D-SIB's risk-weighted assets.  This CET1 surcharge is implemented through the extension of the capital conservation buffer.  D-SIBs will be restricted in their ability to make distributions such as dividends in the event they do not satisfy their relevant capital conservation ratio.

Bank governance and internal controls

The legislative requirements for the governance of banks are found in the Bank Act which prescribes the form and degree of governance required.  The Bank Act sets out that Canadian banks must have a minimum of seven directors; if the bank is a subsidiary of a foreign bank, at least half of its directors must be resident Canadians, and if the bank is a domestic bank, a majority of its directors must be resident Canadians.  Banks are prohibited from having more than two-thirds of their directors qualifying as 'affiliated' with the bank, which includes but is not limited to the following relationship with the bank: ownership of a significant interest in a class of shares; being a significant borrower; or acting as an officer.

Directors are legally obligated to discharge their duties honestly and in good faith with a view to the best interests of the bank, and are required to exercise the care, diligence and skill set that a reasonably prudent person would exercise in comparable circumstances.  Directors must also establish an audit committee, a conduct review committee, a committee to monitor compliance with public disclosure requirements and a committee to monitor the resolution of conflicts of interest.  The CEO of a Canadian bank must be a director of the bank as well as a resident of Canada.  A significant feature of the Bank Act is the reservation of the power in the shareholders to remove a bank's directors.  A bank's board of directors (Board) is responsible for ensuring that the compensation of employees, senior management (Management) and the Board is aligned with the bank's long-term interests.  Compensation for all employees is to be consistent with the FSB's Principles for Sound Compensation guideline and related Implementation Standards.

Corporate governance – the role of the board and management

Although the legislative regime of the Bank Act is fulsome, OSFI publishes guidance documents which detail the practical mechanisms of compliance in the Canadian banking industry.  OSFI's Corporate Governance guideline (Governance Guideline) communicates OSFI's expectations with respect to corporate governance and complements the Bank Act and the applicable Supervisory Framework and Assessment Criteria.  The Governance Guideline does not apply to the branch operations of foreign banks.  It highlights the distinction between the decision-making role of a bank's Board and the decision-implementing role of its Management and sets out that a Board should be independent of Management.  Apart from the critical separation of the roles of Board Chair and CEO, the Governance Guideline does not prescribe any single Board structure as guaranteeing independence.

The Governance Guideline sets out that the Board plays a crucial role in the success of a DTI through its approval of overall strategy and risk appetite as well as oversight of Management and internal controls, and specifies that the primary functions of a bank's Board should include approving the following:

  • Short- and long-term business objectives and strategies including a Risk Appetite Framework (RAF) detailing the aggregate level, type and limits of risk acceptable to the bank to achieve its objectives.
  • Significant strategic initiatives such as mergers and acquisitions.
  • Appointment, performance review and compensation of the bank's CEO and other senior Management, where appropriate, as well as succession planning regarding the Board, CEO and other members of senior Management, where appropriate.
  • Prompt notification of regulators when the bank is faced with substantive issues.
  • External audit plan.
  • Internal control framework.

Management of a bank should be responsible for, among other things, a review of the following:

  • Significant operational and business policies.
  • Business and financial performance relative to the strategy and Risk Appetite Framework approved by the Board, as per above.
  • Implementation and effectiveness of internal controls.
  • Regular interaction with regulators regarding the overall operations of the bank.
  • Organisational structure.
  • Compliance with relevant laws, regulations and guidelines.

Both Board and Management have significant duties beyond those expressly found in the Bank Act.  The structure of the bank itself may impose some further duties on a Board.  For example, a parent company's Board should implement sufficient oversight of a subsidiary's activities to ensure that the parent Board is able to discharge all of its responsibilities to the parent company.  The interaction between Management and the Board should occur primarily through the CEO.  The Board should supervise the oversight functions of the bank through the engagement of the relevant committee, such as the audit committee.  The heads of the oversight functions should have sufficient authority and autonomy from Management.  They should have unfettered and direct access to the Board or the relevant Board committee for reporting purposes.

Risk governance

One focal element of the Governance Guideline is the concept of risk governance which OSFI characterises as a distinct and crucial element of corporate governance in Canada.  Banks should be in a position to identify the important risks they face, assess the potential impact of them and have policies and controls in place to effectively manage them.  Risk governance includes, but is not limited to, liquidity, credit, market, insurance, and operational risks.  A bank's Board should establish an RAF that is "enterprise-wide and tailored to its domestic and international business activities and operations", that includes the goals, benchmarks, parameters and limits that the bank considers appropriate, and that  establishes mechanisms to control risk as well as a process to ensure the effectiveness of such controls.

Measures endorsed in the Governance Guideline include the creation of a Board Risk Committee and the appointment of a Chief Risk Officer (CRO).  The CRO should have the necessary stature and authority within the bank and should be independent from operational management.  The CRO should not be directly involved in revenue-generation, and their compensation should not be linked to the bank's performance of specific business lines.  The CRO should have unfettered access to and a direct reporting line to the Board or Risk Committee.

In September 2017, OSFI published the Enterprise-Wide Model Risk Management for Deposit-Taking Institutions Guideline, designed to establish a common standard for enterprise-wide model risk management in order to ensure that all institutions have a baseline understanding of the minimum level of expectations with respect to their use of models that could have a material impact on the institution's risk profile.  OSFI will treat Internal Models Approved Institutions (IMAIs) and Standardized Institutions (SIs) differently under its Guideline.  IMAIs are subject to all components of the Guideline, whereas SIs are only required to comply with OSFI's minimum expectations (but should strive to comply with the entire Guideline).

The role of the audit committee

The Governance Guideline also expands upon the relevant duties of the Audit Committee as mandated by the Bank Act.  The Audit Committee, not Management, should recommend to the shareholders the appointment of the external auditor for the bank.  The Audit Committee should satisfy itself of the skills, resources and independence of the external auditor prior to reaching an agreement to engage the auditor and should put in place a process to address any concerns raised by OSFI or other stakeholders regarding the independence of the external auditor selected.  The Audit Committee should discuss with Management and the external auditor the overall results of the audit, including a review of the following:

  • Key areas at risk of material misstatement within the financial statements.
  • Areas of material auditor judgment, including accounting policies and estimates.
  • Opinion of the external auditor on the nature of the estimates/models (for example, whether the estimates/models are aggressive or conservative), and, if there are options, the reasoning that led to the final valuation decision, including a consideration of industry practice.
  • Deficiencies in the bank's internal control.
  • Areas for improvement in financial statement disclosures.

The Audit Committee should report to the Board on the effectiveness of the external auditor on an annual basis.

Outsourcing banking functions

Technology, specialisation, cost and competition continually and dynamically shape the market for Canadian banks both domestically and abroad.  Banks may consider outsourcing certain activities in response to such shifts in the market.  OSFI's guideline on Outsourcing of Business Activities, Functions and Processes (the Outsourcing Guideline) highlights that although regulatory flexibility is afforded in order to ensure the commercial viability of Canadian banks, banks remain responsible for all outsourced activities.  In light of this responsibility, a bank's Board should periodically approve and review outsourcing policies and relationships.  Management should communicate with the Board regarding material outsourcing risks, develop outsourcing policies for Board approval, implement such outsourcing policies upon approval and periodically review their effectiveness.

It is expected that banks will assess the materiality of their outsourcing arrangements, developing and maintaining a Risk Management Program for all material outsourcing arrangements.  A bank should maintain a centralised list of all outsourcing arrangements identified as material as part of its Risk Management Program.  A template for such a centralised list is annexed to the Outsourcing Guideline.  OSFI recommends the use of a table to capture the nature of the arrangement, the jurisdiction from which the service is being provided, the expiry and renewal dates applicable to the arrangement, the estimated cost of the arrangement and the estimated value of the contract.

Bank capital requirements

Part X of the Bank Act deals with adequacy of capital and liquidity for Canadian banks and requires that banks maintain adequate capital and adequate and appropriate forms of liquidity.  Bank capital consists of "Tier 1" capital, consisting of Common Equity Tier 1 capital and Additional Tier 1 capital, and Tier 2 capital.

OSFI is authorised under the Bank Act to establish guidelines respecting both the maintenance of adequate capital and adequate and appropriate forms of liquidity.  The Capital Adequacy Guideline implements the related Basel III capital rules without significant deviation, other than a more accelerated timeline than required under Basel III.  All Canadian financial institutions (regardless of the size) have been required to adhere to the Basel III BCBS Disclosure Rules since the beginning of Q3 2013.

Canada has also adopted the Basel III leverage ratio and disclosure requirements which came into effect beginning in Q1 2015 (pursuant to OSFI's Leverage Requirements Guideline), requiring all Canadian banks to maintain a leverage ratio that meets or exceeds 3% at all times.  OSFI also has the power to prescribe leverage ratio requirements for specific institutions at a greater level than 3% on the basis of a number of factors, including the institution's risk-based capital ratios compared to internal targets and OSFI targets, the adequacy of capital and liquidity management processes and procedures, and the institution's risk profile and business lines.  The authorised leverage ratio for individual institutions is not publicly disclosed.

In June, 2016, OSFI published a draft guideline entitled Total Loss Absorbing Capacity (TLAC) (TLAC Guideline) in preparation for the coming into force of subsection 485(1.1) of the Bank Act associated with the new bail-in regime for D-SIBs (discussed below) which will require D-SIBs to maintain a minimum capacity to absorb losses.  The purpose of the TLAC requirement is to provide a non-viable D-SIB with sufficient loss-absorbing capacity to support its recapitalisation, which would facilitate an orderly resolution of the D-SIB while minimising adverse impacts on the stability of the financial sector, ensuring the continuity of critical functions, and minimising taxpayers' exposure to loss. At this time, it is expected that public disclosure of D-SIBs' TLAC ratios will commence for the fiscal quarter commencing on November 1, 2018.

As part of compliance and monitoring requirements, financial institutions provide OSFI with quarterly Basel Capital Adequacy Reporting (BCAR).  The BCAR was updated in August, 2017 to include the risk-based TLAC ratio of a reporting D-SIB referenced above.  If reporting indicates deteriorating capital, the financial institution can be subject to escalating stages of intervention, starting with additional reporting requirements and continuing to specific temporary restrictions on the business lines of the financial institution.  Additionally, OSFI has the authority to direct a financial institution to increase its capital if it determines that a financial institution is undercapitalised or, in severe cases, to take control of the assets of the financial institution or of the financial institution itself.

Rules governing banks' relationships with their customers and other third parties

The Bank Act and specific regulations thereunder have detailed provisions relating to consumer protection issues.  Among other things, the Bank Act and related regulations contain requirements for the simplified disclosure to customers of the cost of borrowing and interest rates.

The FCAC has the mandate of administering consumer protection provisions of the Bank Act.  Pursuant to the Financial Consumer Agency of Canada Act, the FCAC's mandate includes, among other things: supervision of FRFIs to ensure that they comply with federal consumer protection measures; promotion and compliance with policies and procedures, voluntary codes of conduct, and financial institutions' public commitments designed to implement consumer protection measures; supervision of payment card network operators; and promotion of consumer financial awareness.  The FCAC also monitors and evaluates trends and emerging issues in consumer financial services and promotes public awareness about the consumer protection obligations of financial institutions and payment card network operators.  The FCAC has the power to impose monetary penalties, impose criminal sanctions or take other actions as necessary.  However, in cases of minor oversights, the FCAC will work with financial institutions to rectify any issues. In April, 2017, FCAC released a new Supervision Framework which will replace the current Compliance Framework in 2018.  Although the core activities governing the FCAC's supervisory approach remain consistent, numerous enhancements have been incorporated into the new framework.

The CDIC, a statutory corporation, provides deposit insurance on certain types of small deposits.  The CDIC is funded through premiums charged to member institutions.  The CDIC insures up to $100,000 per customer per financial institution per insured category of deposits for certain eligible Canadian dollar-denominated deposits (including savings accounts, chequing accounts and term deposits with an original term to maturity of five years or less).  In June 2016, Bill C-15 Budget Implementation Act 2016, No. 1 was passed in Parliament which introduced changes (mostly to the Canada Deposit Insurance Corporation Act) to establish a bail-in regime for D-SIBs.  The bail-in regime will allow authorities to convert certain debt of a failing D-SIB common shares to recapitalise the bank and allow it to remain open and operating.  Only prescribed long-term debt will be subject to the bail-in power, and all deposits would be excluded.  In June 2017, three regulations were proposed by the Department of Finance to facilitate implementation of the bail-in regime, including the Bank Recapitalization (Bail-in) Conversion Regulations, Bank Recapitalization (Bail-in) Issuance Regulations, and Compensation Regulations. Together, these Regulations define the conditions for the conversion of instruments eligible for bail-in, outline terms that must be adhered to upon issuance of an eligible bail-in instrument, and establish a framework to determine compensation for those entitled under the regulations.  Finalised versions of these Regulations are expected later in 2017.

The TLAC Guideline, together with the CAR requirements and the Leverage Requirements Guideline (each as discussed above), help to form the framework for the assessment of whether a D-SIB maintains its minimum capacity to absorb losses, in accordance with the Bank Act.

With respect to customer information and privacy, Canadian banks must comply with the Personal Information Protection and Electronics Documents Act (PIPEDA).  In addition, all banks in Canada have a common law duty of confidentiality in their dealings with customers and in customer identification.  PIPEDA provides a regulatory regime in respect of collection, use and sharing of personal information in the context of commercial activities, and requires that institutions obtain an individual's consent prior to using such personal information.  Canadian banks have a positive duty to safeguard personal information that has been collected and to abide by the limits on the retention of personal information, as set out in PIPEDA.

Banks are also required to comply with Canada's Anti-spam Legislation (CASL) which regulates unsolicited commercial electronic communications sent by commercial enterprises to individuals.  CASL applies to all electronic messages and requires the prior consent (express or implied) of the recipient before any such message can be sent, and includes mechanisms for civil recourse as well as monetary penalties and criminal charges for non-compliance.  Sections setting out a private right of action for breach (which would have opened the door to possible future class action lawsuits) were suspended by the Government of Canada, pending further review by a parliamentary committee.


  1. SC 2000, c. 17.
  2. Department of Finance Canada, Potential Policy Measures to Support a Strong and Growing Economy: Positioning Canada's Financial Sector for the Future (August 2017) online:
  3. Competition Bureau, Competition Bureau launches FinTech market study (May 2016) online:
  4. Competition Bureau, Technology led innovation and emerging services in the Canadian Financial Services Sector (January 2017) online:
  5. Office of the Superintendent of Financial Institutions, "Draft Guideline – Pillar 3 Disclosure Requirements" (January 2016) online:
  6. Office of the Superintendent of Financial Institutions, Letter: OSFI's Implementation timeline for the Net Stable Funding Ratio (March 2017), online:; Office of the Superintendent of Financial Institutions, Letter: OSFI's Implementation Timeline for the Fundamental Review of the Trading Book (FRTB) Rules (July 2017), online:
  7. Office of the Superintendent of Financial Institutions, Guideline: Capital Adequacy Requirements 2017 (December 2016), p. 30: online:
  8. Basel Committee on Banking Supervision, Basel III: A global regulatory framework for more resilient banks and banking systems (Bank for International Settlements: December 2010, rev June 2011): online
  9. Office of the Superintendent of Financial Institutions, OSFI Annual Report 2016–2017 (October 2017), p. 9: online:
  10. Bank Act, SC 1991, c. 46.
  11. Bank Act, SC 1991, c. 46, s. 163; Affiliated Persons (Banks) Regulations, SOR/92-325, s. 3.
  12. Office of the Superintendent of Financial Institutions, Supervisory Framework (December 2010) online:
  13. Office of the Superintendent of Financial Institutions, Guideline: Corporate Governance (January 2013) Section I, online:
  14. Office of the Superintendent of Financial Institutions, Guideline: Enterprise-Wide Model Risk Management for Deposit-Taking Institutions (September 2017), online:
  15. Affiliated Persons (Banks) Regulations, SOR/92-325, s. 3.
  16. Office of the Superintendent of Financial Institutions, Guideline: Outsourcing of Business Activities, Functions and Processes (March 2009) Section 1, online:
  17. Office of the Superintendent of Financial Institutions, Guideline: Leverage Requirements Guideline (October 2014) Section 1, online:
  18. Financial Consumer Agency of Canada, Guideline: Supervision Framework (April 2017), online:

Canadian chapter reproduced with kind permission from Global Legal Group Ltd.

The foregoing provides only an overview and does not constitute legal advice. Readers are cautioned against making any decisions based on this material alone. Rather, specific legal advice should be obtained.

© McMillan LLP 2018

To print this article, all you need is to be registered on

Click to Login as an existing user or Register so you can print this article.

Darcy Ammerman
Tayleigh Armstrong
Pat Forgione
Similar Articles
Relevancy Powered by MondaqAI
Davies Ward Phillips & Vineberg
In association with
Related Topics
Similar Articles
Relevancy Powered by MondaqAI
Davies Ward Phillips & Vineberg
Related Articles
Related Video
Up-coming Events Search
Font Size:
Mondaq on Twitter
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).
Email Address
Company Name
Confirm Password
Mondaq Topics -- Select your Interests
 Law Performance
 Law Practice
 Media & IT
 Real Estate
 Wealth Mgt
Asia Pacific
European Union
Latin America
Middle East
United States
Worldwide Updates
Registration (you must scroll down to set your data preferences)

Mondaq Ltd requires you to register and provide information that personally identifies you, including your content preferences, for three primary purposes (full details of Mondaq’s use of your personal data can be found in our Privacy and Cookies Notice):

  • To allow you to personalize the Mondaq websites you are visiting to show content ("Content") relevant to your interests.
  • To enable features such as password reminder, news alerts, email a colleague, and linking from Mondaq (and its affiliate sites) to your website.
  • To produce demographic feedback for our content providers ("Contributors") who contribute Content for free for your use.

Mondaq hopes that our registered users will support us in maintaining our free to view business model by consenting to our use of your personal data as described below.

Mondaq has a "free to view" business model. Our services are paid for by Contributors in exchange for Mondaq providing them with access to information about who accesses their content. Once personal data is transferred to our Contributors they become a data controller of this personal data. They use it to measure the response that their articles are receiving, as a form of market research. They may also use it to provide Mondaq users with information about their products and services.

Details of each Contributor to which your personal data will be transferred is clearly stated within the Content that you access. For full details of how this Contributor will use your personal data, you should review the Contributor’s own Privacy Notice.

Please indicate your preference below:

Yes, I am happy to support Mondaq in maintaining its free to view business model by agreeing to allow Mondaq to share my personal data with Contributors whose Content I access
No, I do not want Mondaq to share my personal data with Contributors

Also please let us know whether you are happy to receive communications promoting products and services offered by Mondaq:

Yes, I am happy to received promotional communications from Mondaq
No, please do not send me promotional communications from Mondaq
Terms & Conditions (the Website) is owned and managed by Mondaq Ltd (Mondaq). Mondaq grants you a non-exclusive, revocable licence to access the Website and associated services, such as the Mondaq News Alerts (Services), subject to and in consideration of your compliance with the following terms and conditions of use (Terms). Your use of the Website and/or Services constitutes your agreement to the Terms. Mondaq may terminate your use of the Website and Services if you are in breach of these Terms or if Mondaq decides to terminate the licence granted hereunder for any reason whatsoever.

Use of

To Use you must be: eighteen (18) years old or over; legally capable of entering into binding contracts; and not in any way prohibited by the applicable law to enter into these Terms in the jurisdiction which you are currently located.

You may use the Website as an unregistered user, however, you are required to register as a user if you wish to read the full text of the Content or to receive the Services.

You may not modify, publish, transmit, transfer or sell, reproduce, create derivative works from, distribute, perform, link, display, or in any way exploit any of the Content, in whole or in part, except as expressly permitted in these Terms or with the prior written consent of Mondaq. You may not use electronic or other means to extract details or information from the Content. Nor shall you extract information about users or Contributors in order to offer them any services or products.

In your use of the Website and/or Services you shall: comply with all applicable laws, regulations, directives and legislations which apply to your Use of the Website and/or Services in whatever country you are physically located including without limitation any and all consumer law, export control laws and regulations; provide to us true, correct and accurate information and promptly inform us in the event that any information that you have provided to us changes or becomes inaccurate; notify Mondaq immediately of any circumstances where you have reason to believe that any Intellectual Property Rights or any other rights of any third party may have been infringed; co-operate with reasonable security or other checks or requests for information made by Mondaq from time to time; and at all times be fully liable for the breach of any of these Terms by a third party using your login details to access the Website and/or Services

however, you shall not: do anything likely to impair, interfere with or damage or cause harm or distress to any persons, or the network; do anything that will infringe any Intellectual Property Rights or other rights of Mondaq or any third party; or use the Website, Services and/or Content otherwise than in accordance with these Terms; use any trade marks or service marks of Mondaq or the Contributors, or do anything which may be seen to take unfair advantage of the reputation and goodwill of Mondaq or the Contributors, or the Website, Services and/or Content.

Mondaq reserves the right, in its sole discretion, to take any action that it deems necessary and appropriate in the event it considers that there is a breach or threatened breach of the Terms.

Mondaq’s Rights and Obligations

Unless otherwise expressly set out to the contrary, nothing in these Terms shall serve to transfer from Mondaq to you, any Intellectual Property Rights owned by and/or licensed to Mondaq and all rights, title and interest in and to such Intellectual Property Rights will remain exclusively with Mondaq and/or its licensors.

Mondaq shall use its reasonable endeavours to make the Website and Services available to you at all times, but we cannot guarantee an uninterrupted and fault free service.

Mondaq reserves the right to make changes to the services and/or the Website or part thereof, from time to time, and we may add, remove, modify and/or vary any elements of features and functionalities of the Website or the services.

Mondaq also reserves the right from time to time to monitor your Use of the Website and/or services.


The Content is general information only. It is not intended to constitute legal advice or seek to be the complete and comprehensive statement of the law, nor is it intended to address your specific requirements or provide advice on which reliance should be placed. Mondaq and/or its Contributors and other suppliers make no representations about the suitability of the information contained in the Content for any purpose. All Content provided "as is" without warranty of any kind. Mondaq and/or its Contributors and other suppliers hereby exclude and disclaim all representations, warranties or guarantees with regard to the Content, including all implied warranties and conditions of merchantability, fitness for a particular purpose, title and non-infringement. To the maximum extent permitted by law, Mondaq expressly excludes all representations, warranties, obligations, and liabilities arising out of or in connection with all Content. In no event shall Mondaq and/or its respective suppliers be liable for any special, indirect or consequential damages or any damages whatsoever resulting from loss of use, data or profits, whether in an action of contract, negligence or other tortious action, arising out of or in connection with the use of the Content or performance of Mondaq’s Services.


Mondaq may alter or amend these Terms by amending them on the Website. By continuing to Use the Services and/or the Website after such amendment, you will be deemed to have accepted any amendment to these Terms.

These Terms shall be governed by and construed in accordance with the laws of England and Wales and you irrevocably submit to the exclusive jurisdiction of the courts of England and Wales to settle any dispute which may arise out of or in connection with these Terms. If you live outside the United Kingdom, English law shall apply only to the extent that English law shall not deprive you of any legal protection accorded in accordance with the law of the place where you are habitually resident ("Local Law"). In the event English law deprives you of any legal protection which is accorded to you under Local Law, then these terms shall be governed by Local Law and any dispute or claim arising out of or in connection with these Terms shall be subject to the non-exclusive jurisdiction of the courts where you are habitually resident.

You may print and keep a copy of these Terms, which form the entire agreement between you and Mondaq and supersede any other communications or advertising in respect of the Service and/or the Website.

No delay in exercising or non-exercise by you and/or Mondaq of any of its rights under or in connection with these Terms shall operate as a waiver or release of each of your or Mondaq’s right. Rather, any such waiver or release must be specifically granted in writing signed by the party granting it.

If any part of these Terms is held unenforceable, that part shall be enforced to the maximum extent permissible so as to give effect to the intent of the parties, and the Terms shall continue in full force and effect.

Mondaq shall not incur any liability to you on account of any loss or damage resulting from any delay or failure to perform all or any part of these Terms if such delay or failure is caused, in whole or in part, by events, occurrences, or causes beyond the control of Mondaq. Such events, occurrences or causes will include, without limitation, acts of God, strikes, lockouts, server and network failure, riots, acts of war, earthquakes, fire and explosions.

By clicking Register you state you have read and agree to our Terms and Conditions