Office of the Superintendent of Financial Institutions
This Guideline builds upon the following:
Regulatory System: The federal prudential regulatory
system is based on a tripartite division of responsibilities involving:
The primary responsibility for ensuring FREs are soundly managed
and directed rests with the board of directors and senior management
of the FRE. Accordingly, the suitability and integrity of senior
management and members of boards of directors pose an important
concern for the FRE and OSFI, as the safety, soundness and reputation
of an FRE can be negatively affected by the actions of these individuals.
Supervisory Approach: While OSFI assesses competence
and experience of proposed directors and senior officers and verifies
criminal records at incorporationFootnote 1, OSFI relies
on the FRE’s own internal processes for assessing the ongoing suitability
and integrity of these individuals post authorization. Where warranted,
OSFI applies a risk-based approach to assessing the FRE’s processes.
This Guideline outlines a number of principles to assist FREs
in establishing policies and procedures regarding the conduct of
assessments of their Responsible Persons and indicates areas that
OSFI may focus on during supervisory reviews.
The Guideline recognizes that aspects of these assessments that
address the suitability of a person, such as expertise, require
assessment only upon initial appointment whereas regular assessments
would focus on particulars that can change over time – for example,
legal proceedings against an individual or changes in professional
While FREs already have various policies and procedures in place
to regularly assess the suitability and integrity of Responsible
Persons to satisfy their own internal requirements (e.g., hiring
policies or code of conduct) or to satisfy other statutoryFootnote 2
or regulatory requirements (e.g., public listing requirements),
this guideline clarifies expectations with regard to fundamental
aspects of such policies and procedures across institutions to
minimize safety and soundness concerns, including prudential and
This Guideline should be considered prudent practices or standards
that can be considered by all FREs in developing their own practices
Individual FREs can adopt different approaches that suit their
circumstances with respect to conducting assessments of their
Responsible Persons having regard to their nature of business,
size, complexity, geographic location(s), risk profile, structure
and ownership. The supervisory process takes this into consideration
in the evaluation of individual FREs.
For the purposes of this Guideline, an FRE is defined as:
For the purposes of this Guideline, a Responsible Person is defined
OSFI expects every FRE to have a written policy regarding the
performance of assessments of the suitability and integrity of its
Responsible Persons (Assessment Policy).
FREs belonging to the same corporate group may have one umbrella
Assessment Policy for the entire group.
OSFI expects that the senior management of banks,
insurance companies, bank holding companies, insurance holding companies, trust and loan companies, co-operative credit associations and retail associations will approve these entities’ Assessment Policy (and any material amendments thereto). Chief agents and principal officers should approve or be aware of the Assessment Policy (and any material amendments thereto) in the case of branches. This is consistent with OSFI Guidelines
E-4A – Role of Chief Agent and Record Keeping Requirements
and E-4B – Role of the Principal officer and Record Keeping
OSFI expects that this Assessment Policy will consider the following
matters in a way that prudently minimises the risks that persons
who are not suitable or do not possess the required integrity do
not hold Responsible Person positions:
All FREs are expected to identify as Responsible Persons individuals who play a significant role in the management of the FRE. OSFI expects that senior management will approve the list of Responsible Persons subject to the assessments.
Where employment contracts are in place that preclude the FRE
from assessing Responsible Persons appointed to their positions
prior to the coming into force of this Guideline, such Responsible
Persons can be exempted from assessments until a notice of change
of contract can be provided, their employment contract is renewed
or their responsibilities change.
Only one assessment is necessary in respect of Responsible Persons
identified as being a Responsible Person in more than one FRE
of the same corporate group. Senior management may choose not to apply
the provisions of this Guideline to individuals in an FRE subsidiary
of a larger FRE in a corporate group where the management of the
FRE subsidiary is directed by Responsible Persons of the larger
FRE in the control chain.
Please refer to OSFI’s Corporate Governance Guideline for OSFI’s expectations of FRE Boards of Directors in regards to operational, business, risk and crisis management policies.
OSFI expects the Assessment Policy would require an assessment
to be conducted before a person is appointed to a Responsible Person
position unless it would be imprudent to delay the appointment.
In such cases, the assessment would occur as soon as practicable
and in any event within a number of days specified in the Assessment
Policy. The initial assessment would address all aspects of the
assessment including aspects that are not subject to change as well
as those that can change over time.
After the initial appointment, updated assessments of each Responsible
Person would be conducted at intervals specified in the Assessment
Policy, which should be no longer than five years. Updated assessments
can focus only on aspects that can change over time. FREs can rely
on attestations from Responsible Persons to conduct update assessments.
However, FREs areexpected to independently verify Responsible Persons’
criminal records at least every seven years.
Assessments should be undertaken between intervals if the FRE
acquires knowledge of material adverse information about a Responsible
OSFI expects that the Assessment Policy will indicate the key
practices that will be followed by the FRE in implementing the principles
of this Guideline, including the key practices relating to the FRE’s
decision-making process (discussed in greater detail in Part V c)
below). For example, the Assessment Policy could set out when and
how the Assessment Policy will be disclosed to Responsible Persons
and candidates for Responsible Person positions. OSFI also expects
the Assessment Policy to set out practices that will be followed
if the FRE concludes a Responsible Person is not suitable or does
not possess the required integrity, such as when and how the decision
will be escalated through the organization, how and when the Responsible
Person will be notified of adverse information as well as the steps
that will be taken to remove a Responsible Person. FREs should ensure
their practices comply with all applicable legal requirements, including
privacy and employment laws.
FREs are expected to have written internal procedures outlining
how the Assessment Policy will be implemented.
Where assessment procedures similar to those described in this
Guideline are already in place within an FRE to satisfy its internal
policies (e.g., hiring or code of conduct) or to satisfy other
regulatory requirements (e.g., public listing requirements), FREs
can refer to the procedures used to meet the other requirements.
Each FRE will implement its own procedures taking into account
its nature, size, complexity and risk profile. FREs that belong
to the same corporate group may appoint one FRE member of the
group to implement the Assessment Procedures in respect of every
FRE in the group.
The Assessment Procedures would consider the following matters:
FREs can assign the responsibility for conducting assessments
of each Responsible Person to any person or group within the organization.
OSFI expects the Assessment Policy to be implemented by appropriately
qualified individuals and that procedures exist to allow such individuals
to escalate concerns about findings in respect of a Responsible
Person or the conduct of assessments.
Some branches may not have sufficient staff complement to implement
this Guideline entirely within the branch. Accordingly, it may be
inappropriate to apply the specific provisions of this Guideline
directly to certain branches. Implementation of the Guideline in
certain branches may require the branch to enter into arrangements
with the home office (for example, conducting assessments of the
chief agent or principal officer).
FREs can assign responsibility for various facets of the assessments
to different groups in the FRE. FREs can outsource some of the functions
related to conducting assessments, but OSFI expects that an appropriate
person within the FRE will make the ultimate determination about
whether a Responsible Person possesses the required suitability
and integrity. Any outsourcing should comply with OSFI Guideline
B-10 - Outsourcing of Business Activities, Functions and Processes
and all privacy laws, as applicable.
In their Assessment Procedures, FREs can identify the information
they will obtain to assess the suitability and integrity of their
Responsible Persons, upon initial appointment of the Responsible
Persons to their positions and during subsequent update assessments.
FREs that have procedures in place to comply with other regulatory
requirements relative to suitability and integrity (e.g., requirements
related to listing or securities regulations such as Ontario Securities
Commission Rule 41-501 and/or National Instrument 44-101, National
Policy 58-201, National Instrument 51-102 and National Instrument
52-110), can reference the procedures in place to meet these other
requirements. FREs that have procedures in place to meet
these requirements will be viewed as meeting the requirements
of this section of the Guideline.
When a Responsible Person is first appointed to his or her position,
FREs would obtain sufficient information to allow them to conclude
that the Responsible Person possesses the suitability and integrity
to perform properly the duties of the Responsible Person position.
Such information could include:
When conducting assessments at initial appointment, FREs are expected
to verify information using searches of databases and information
made available by third parties when such independent sources are
available. Each FRE should determine in which jurisdictions and
how far back verifications should be conducted, based on the Responsible
Person’s history and circumstances. While attestations from Responsible
Persons about certain aspects of the assessments, such as civil
proceedings, are sufficient to meet the expectations of the Guideline,
OSFI encourages FREs to conduct their own independent verifications,
if they have grounds to believe that an attestation is insufficient
Subsequent to the initial appointment, the frequency at which
verifications are updated would reflect the specific circumstances
of each FRE and of each Responsible Person. Updates of assessments
can focus only on particulars that can change over time, such as:
In update assessments, FREs can rely on an attestation of the
facts from Responsible Persons for all aspects of the assessment.
In addition, FREs are expected to independently verify a Responsible
Person’s criminal record at intervals specified in the Assessment
FREs should document the decision-making process they will follow
when an adverse finding is made with respect to a Responsible Person.
For example, each FRE can set its own threshold about the type of
adverse information it would consider material and the type of information
it would gather to follow-up on the adverse information, including
mitigating factors or circumstances. The decision-making process
can be tailored to the unique circumstances of each individual FRE.
An adverse finding would not necessarily render a person unsuitable
to hold a Responsible Person position. Each finding should be considered
in relation to all surrounding circumstances (e.g. seriousness of
the incident or time elapsed since incident). OSFI expects FREs
to use judgement and to weigh the findings on each factor, including
the materiality of the adverse information and the relevance of
the factor to the Responsible Person’s duties.
A Responsible Person may be found unsuitable for a particular
Responsible Person position because of a lack of qualifications
for that position or because of a conflict of interest related to
the duties of that position. In that case, the Responsible Person
may still be suitable for another Responsible Person position. The
FRE may also redefine the duties associated with a Responsible Person
position. Each FRE must determine whether a negative finding about
a Responsible Person permanently disqualifies that person (for example,
absent legislative or other requirements to the contrary, whether
a Responsible Person who has been suspended by a professional association
can remain in the position after serving the suspension). However,
where a Responsible Person is found to lack integrity because of
negative findings related to the Responsible Person’s character
or honesty (for example, conviction for offences relating to money
laundering or fraud), that Responsible Person will normally not
be suitable for any Responsible Person position.
OSFI expects that persons who do not possess the required suitability
and integrity for a particular Responsible Person position will
not be appointed to that position. OSFI and FREs may disagree about
whether a Responsible Person is suitable or possesses the required
integrity. OSFI will work with the FRE to address areas of concern.
However, if OSFI determines that an FRE has taken insufficient action
to resolve a situation OSFI deems to be of material risk, it has
legislative authority to take remedial actionFootnote 3.
It is expected that senior management will:
Consistent with OSFI’s Corporate Governance Guideline,
OSFI recognizes that branches do not have Boards of directors and
accordingly it would be inappropriate to apply the requirements
of this Guideline directly to branch operations. OSFI looks to the
principal officer or chief agent of a branch to oversee the management
of the branch, including matters of corporate governance. As noted
in Part V a) of this Guideline, implementation of this Guideline
may require branches to enter into arrangements with the home office.
In respect of the obligations in this guideline, FREs belonging to the same corporate group may appoint senior management of one FRE in the group to discharge the obligations of the senior management of all FREs in the group.
FREs are not required to provide their Assessment Policy or Assessment
Procedures to OSFI on a regular basis. However, OSFI expects that
the Assessment Policies, Assessment Procedures and information about
assessments conducted in respect of each Responsible Person will
be retained by the FRE for a reasonable length of time specified
in the Assessment Policy and that such information will be readily
available for examination by OSFI upon request. As part of its regular
supervisory practices, OSFI may periodically, where warranted, verify
the assessments conducted by the FRE in accordance with its risk-based
OSFI looks not only for evidence that FREs have appropriate
policies and processes in place but also for indicators that these
policies and processes are understood, are being followed and
that, as a result, they are effective.
The assessment criteria examined by OSFI upon authorization
are found at sections 27, 526 and 675 of the Bank Act
(BA), sections 27 and 712 of the Insurance Companies Act
(ICA), section 26 of the Trust and Loan Companies Act
(TLCA), and section 27 of the Cooperative Credit Associations
Return to footnote 1 referrer
For example, FRE statutes disqualify some candidates for the
position of director of the FRE as per the Bank Act,
sections 160 and 750, Insurance Companies Act, sections
168 and 797, Trust and Loan Companies Act section 165,
Cooperative Credit Associations Act section 170.
Return to footnote 2 referrer
The Superintendent may remove directors, certain senior officers,
principal officers and chief agents (BA sections 617.2, 647.1
and 964, ICA sections 678.2, 678.4 and 1007, TLCA section 509.2
and CCAA section 441.2). These powers apply independently of
an FRE’s powers and duties, regardless of whether the FRE is
of the opinion that the Responsible Person meets the criteria
of suitability and integrity.
Return to footnote 3 referrer