CIRO CCO: Element 6 — Duties, Liabilities and Defences

Try 10 focused CIRO CCO questions on Element 6 — Duties, Liabilities and Defences, with answers and explanations, then continue with Securities Prep.

Topic snapshot

Sample questions

These questions are original Securities Prep practice items aligned to this topic area. They are designed for self-assessment and are not official exam questions.

Question 1

Topic: Element 6 — Duties, Liabilities and Defences

At a CIRO investment dealer, the CCO learns that a director bought, through a holding company, a software vendor the board had been considering acquiring for the dealer. The director did not disclose the purchase or recuse himself, and his holding company later earned a profit from licensing the software back to the dealer. No client losses have been identified. What is the most likely consequence?

• A. Business judgment protection largely applies because it was strategic
• B. A breach of fiduciary duty claim and possible disgorgement
• C. No significant legal exposure without direct client loss
• D. The conflict is cured by later disclosure to the board

Best answer: B

What this tests: Element 6 — Duties, Liabilities and Defences

Explanation: Directors and executives owe fiduciary duties to act honestly and in good faith with a view to the corporation’s best interests. Diverting a corporate opportunity for personal gain without disclosure can trigger a breach claim and disgorgement even if no client losses have yet occurred.

The core issue is fiduciary duty to the corporation, not whether clients have complained. A director cannot appropriate for personal benefit an opportunity the corporation was actively considering, especially without disclosing the conflict and stepping back from the decision. Here, the vendor was within the dealer’s strategic plans, and the director later profited from dealing with the firm through his own holding company. That creates immediate exposure to a claim for breach of fiduciary duty and an accounting or disgorgement of the profit. The absence of client loss may affect the overall harm analysis, but it does not eliminate the breach. Business judgment deference generally protects good-faith, informed decisions made for the corporation, not undisclosed self-dealing.

• Later disclosure fails because after-the-fact reporting does not erase an undisclosed conflict or diverted corporate opportunity.
• No client loss fails because fiduciary duties are owed to the corporation, and breach can exist without direct client harm.
• Business judgment fails because that doctrine does not protect self-interested conduct hidden from the board.

Taking a corporate opportunity for personal benefit without disclosure is a classic fiduciary breach that can require the director to account for the profit.

Question 2

Topic: Element 6 — Duties, Liabilities and Defences

Which statement best defines the due diligence defence available to a director or officer?

• A. It applies if they relied on management without making any independent inquiry.
• B. It applies whenever they acted honestly, even if they missed clear warning signs.
• C. It applies when they took reasonable steps and exercised prudent care to prevent the breach.
• D. It applies automatically once the firm agrees to indemnify them for losses.

Best answer: C

What this tests: Element 6 — Duties, Liabilities and Defences

Explanation: The due diligence defence is based on reasonable conduct, not automatic protection. A director or officer must show they exercised appropriate care and took sensible steps to prevent or address the problem in the circumstances.

The core idea behind the due diligence defence is reasonable prevention and oversight. A director or officer may avoid liability in certain situations if they can show they acted with the care, diligence, and skill that a reasonably prudent person would have exercised in comparable circumstances and took meaningful steps to prevent the misconduct or breach.

Good faith alone is not enough if obvious red flags were ignored. Likewise, relying on others can help only when that reliance was itself reasonable and consistent with proper oversight. Indemnification is different: it concerns who may cover costs or losses, not whether the person has established a legal defence to the underlying allegation.

The key takeaway is that due diligence requires evidence of active, reasonable conduct, not passive trust or automatic protection.

• Honesty alone is incomplete because good faith does not excuse ignoring clear compliance or governance warning signs.
• Blind reliance fails because reliance on management must itself be reasonable and cannot replace basic oversight.
• Indemnification confusion fails because indemnification is separate from proving a defence to liability.

Due diligence focuses on whether the director or officer acted reasonably and took appropriate preventive and supervisory steps in the circumstances.

Question 3

Topic: Element 6 — Duties, Liabilities and Defences

An investment dealer regulated by CIRO has a by-law allowing indemnification to the fullest extent permitted by law. A former director asks the board to reimburse defence costs from a provincial securities investigation into the firm’s disclosure controls; the file includes invoices but no analysis of the director’s conduct. Before the CCO recommends approval, what should be verified first?

• A. Board minutes showing support for consistent treatment of directors
• B. Confirmation that D&O insurance will not reimburse the same costs
• C. Evidence that the director met the legal good-faith and lawfulness standard
• D. Detailed support showing the legal invoices were reasonable

Best answer: C

What this tests: Element 6 — Duties, Liabilities and Defences

Explanation: An indemnity by-law does not make reimbursement automatic. The first issue is whether the director qualifies for indemnification under the governing legal standard, including honest good-faith conduct and, in an administrative or penal matter, a reasonable belief that the conduct was lawful.

For director indemnification, the threshold question is legal eligibility. Even if the dealer’s by-law permits indemnification, the firm should first confirm there is evidence that the director acted honestly and in good faith with a view to the corporation’s best interests and, where the proceeding is administrative or penal, had reasonable grounds to believe the conduct was lawful. If that foundation is missing, the board should not treat invoices, insurance coordination, or fairness concerns as the deciding issue.

After eligibility is established, the firm can assess secondary matters such as whether the fees are reasonable, whether D&O insurance may cover some or all costs, and what board approval process is required. The key point is that indemnification analysis starts with the director’s conduct, not with payment mechanics.

• Insurance first is tempting, but coverage does not determine whether the firm may legally indemnify the director.
• Invoice review is a later step; reasonable fees are still not payable if the director fails the indemnification standard.
• Board support may matter procedurally, but directors cannot approve around the legal conditions for indemnification.

Indemnification is gated first by whether the director legally qualifies, not by cost, insurance, or board preference.

Question 4

Topic: Element 6 — Duties, Liabilities and Defences

Maple North Securities has a board-approved strategy of steady growth with a moderate risk appetite and a stated goal of reducing suitability complaints. Senior management wants to launch leveraged principal-protected notes to retail clients within 45 days to meet revenue targets. The CCO’s review finds that product due diligence is incomplete, sales training is not ready, surveillance does not flag concentration or switching patterns, and recent suitability complaints have increased in the same channel. Which action best aligns with CIRO and CSA expectations when assessing the firm’s strategic objective and current position?

• A. Approve a limited pilot for experienced advisers while compliance builds the missing controls after launch.
• B. Recommend deferring the launch and escalate to the UDP and board until product governance, supervision, and client-targeting controls are ready.
• C. Launch on schedule because principal protection makes the product consistent with the firm’s complaint-reduction objective.
• D. Proceed if the issuer supplies due-diligence materials and agrees to indemnify the dealer for client losses.

Best answer: B

What this tests: Element 6 — Duties, Liabilities and Defences

Explanation: The best action is to stop and escalate the launch because the firm’s current position does not support the proposed strategy. A CCO should assess whether growth objectives fit the firm’s risk appetite, control environment, supervisory capacity, and client-protection obligations before business expansion proceeds.

When a dealer evaluates a strategic initiative, the question is not only whether the product may generate revenue, but whether the firm is actually positioned to offer it compliantly and prudently. Here, the proposed launch conflicts with the firm’s stated objectives and current condition: the board wants moderate risk and fewer suitability complaints, yet key controls are missing and complaints are already rising in the same channel.

The CCO should treat that mismatch as a governance and risk issue by escalating it to the UDP and board and recommending that the launch wait until the firm can support it. That means completing product due diligence, defining the target market, preparing training, and implementing supervision and surveillance that can detect foreseeable harms.

A smaller rollout or contractual protection from the issuer does not solve the dealer’s own obligations to supervise distribution and protect clients.

• Pilot first is tempting, but a limited rollout does not fix incomplete product governance or missing supervisory controls.
• Principal protection does not eliminate suitability, concentration, or sales-practice risk, especially for leveraged products.
• Issuer indemnity may shift some financial exposure, but it does not replace the dealer’s duty to assess, supervise, and escalate material compliance gaps.

A strategic initiative should not proceed when the firm’s controls, supervision, and risk posture are not aligned with the proposed business objective.

Question 5

Topic: Element 6 — Duties, Liabilities and Defences

The CCO’s quarterly board report identified repeated failures to escalate serious client complaints and stated that management had not completed the promised remediation or testing. One director did not read the report, asked no follow-up questions, and supported leaving the issue off the board agenda. In a later CIRO disciplinary proceeding against the firm and that director, what is the most likely consequence for the director?

• A. The director must immediately compensate all affected complainants personally.
• B. The director is protected because complaint oversight was delegated to the CCO.
• C. The director can rely on the business judgment rule despite not reviewing the report.
• D. The director may be unable to establish a due diligence defence.

Best answer: D

What this tests: Element 6 — Duties, Liabilities and Defences

Explanation: A due diligence defence depends on reasonable steps, informed oversight, and follow-up on red flags. Here, the director ignored a clear warning from the CCO and made no inquiry, so the most immediate consequence is a weakened ability to rely on that defence.

The core concept is the due diligence defence available to officers and directors when they act honestly, stay informed, and take reasonable steps to address known problems. In this scenario, the director had explicit notice from the CCO that complaint escalation was failing and that remediation had not been completed or tested. By not reading the report, asking no questions, and helping keep the matter off the board agenda, the director undercut any argument that reasonable inquiry or diligent oversight occurred.

Delegation does not let a director ignore red flags, and legal protections for board decision-making generally depend on an informed, good-faith process. The most likely immediate consequence is not automatic payment to clients, but difficulty using a due diligence defence in the regulatory case.

• Delegation alone does not protect a director who ignores a clear compliance warning requiring follow-up.
• Business judgment is weaker where the director was not properly informed before supporting inaction.
• Immediate personal compensation overstates the result; client recovery would depend on separate findings and remedies.

Ignoring a direct compliance warning and making no reasonable inquiry weakens the record needed to prove due diligence.

Question 6

Topic: Element 6 — Duties, Liabilities and Defences

The CCO of an Investment Dealer reviews a board-approval file for a five-year office lease. The landlord is a corporation controlled by one of the directors. The file contains a market-rent memo, outside counsel’s draft lease, and minutes showing the director disclosed the relationship before discussion began. The minutes then record the lease as approved unanimously, with no note that the director left the meeting or abstained. Which element is the most important deficiency in the file?

• A. Annual conflicts training for all directors
• B. Evidence the conflicted director was recused and did not vote
• C. A third independent market-rent comparison
• D. Written procurement sign-off on the lease terms

Best answer: B

What this tests: Element 6 — Duties, Liabilities and Defences

Explanation: The decisive gap is the conflict-management record, not the commercial support for the lease. In a related-party transaction, the file should show that the director disclosed the interest and did not participate in the approval decision, with the minutes reflecting recusal and abstention.

This scenario raises potential legal liability from a conflicted director’s involvement in a board decision. Once the relationship was identified, the approval file needed clear evidence that the director did not take part in deliberations or the vote. That control protects the integrity of the board process and helps defend against later claims that the transaction was influenced by self-interest or approved through a defective process.

A sound file would normally show:

• the nature of the conflict was disclosed;
• the conflicted director did not participate in the discussion;
• the director abstained from voting; and
• the minutes documented those steps.

More pricing support or later training may be helpful, but they do not cure a flawed approval process.

• More benchmarks strengthen the pricing record, but they do not fix the conflicted director’s participation in the decision.
• Procurement sign-off may improve internal documentation, yet the key legal risk here is board-governance failure, not vendor-selection paperwork.
• Board training is useful prospectively, but it does not remedy the missing recusal and abstention record for this transaction.

Disclosure alone is insufficient; the file should also show the conflicted director was excluded from the decision and abstained from voting.

Question 7

Topic: Element 6 — Duties, Liabilities and Defences

The CCO observes the following process before directors sign a prospectus certificate for the investment dealer’s publicly listed parent: management circulates the full draft, directors question key risk disclosures, the audit committee reviews the financial sections, and the directors rely in good faith on the external auditor for the audited statements. If a misrepresentation claim is later made, this process most directly supports which legal defence?

• A. Business judgment rule
• B. Due diligence defence
• C. D&O insurance coverage
• D. Corporate indemnification

Best answer: B

What this tests: Element 6 — Duties, Liabilities and Defences

Explanation: The described process is designed to show that the directors made a reasonable investigation before signing the prospectus and appropriately relied on expertised financial disclosure. That is the core function of the due diligence defence in a misrepresentation case.

In Canadian securities-law disclosure liability, directors and officers may defend a misrepresentation claim by showing they conducted a reasonable investigation and had no reasonable grounds to believe the document contained a misrepresentation. The stem describes the usual building blocks of that defence: receiving the full draft, asking questions, using committee review, and relying in good faith on an external auditor for audited financial statements.

Good-faith reliance on qualified experts is especially relevant for expertised portions, but it does not remove the need for an overall reasonable review by the directors themselves. A CCO would want this process documented through board materials, minutes, and evidence of challenge and follow-up.

The closest distractor is the business judgment rule, which concerns deference to informed business decisions, not a specific prospectus misrepresentation defence.

• Business decision standard is tempting, but the business judgment rule is not the main defence to statutory disclosure misrepresentation.
• Indemnification may help with costs or reimbursement, but it is not the substantive defence to the alleged misrepresentation.
• Insurance coverage can fund defence or settlement subject to policy terms, but it does not establish that the directors met the legal standard of care.

A reasonable investigation combined with good-faith reliance on expertised financial disclosure is the classic basis for a due diligence defence.

Question 8

Topic: Element 6 — Duties, Liabilities and Defences

At an Investment Dealer, the UDP sits on the advisory board of an issuer whose offering the firm is distributing, but that role was not disclosed to the firm’s board. Compliance testing finds altered due-diligence notes, internal product summaries that omit two material issuer risks, and three client complaints alleging misleading sales conversations. The offering is still open, remediation is incomplete, and the UDP tells the CCO to wait for the next quarterly board meeting before raising the issue. As CCO, what is the single best action?

• A. Bypass the UDP, escalate directly to the board chair or independent directors, pause distribution, and assess reportability
• B. Transfer the review to internal audit and revisit escalation after the offering closes
• C. Require a written conflict disclosure, enhanced supervision, and continued distribution
• D. Finish remediation and obtain legal advice before briefing the board at its next meeting

Best answer: A

What this tests: Element 6 — Duties, Liabilities and Defences

Explanation: The decisive issue is that a senior officer with an undisclosed conflict is trying to delay escalation while the offering remains open and client complaints already exist. The CCO should use an independent escalation path, stop further client exposure, and assess legal and regulatory reporting consequences without waiting for routine governance timing.

When a director or officer is personally conflicted and appears to interfere with disclosure or supervision, the CCO should not wait for the normal reporting cycle. Here, the UDP’s undisclosed outside role, altered due-diligence records, omitted material risks, and ongoing sales create potential regulatory, civil, and governance liability for both the firm and the individuals involved. The best response is to preserve compliance independence and reduce immediate client harm.

• Escalate outside the implicated officer to the board chair or independent directors.
• Pause or restrict further distribution until disclosure, due diligence, and supervision are reviewed.
• Assess whether the matter triggers CIRO or other reporting, with legal advice as needed.

The closest tempting response is to complete remediation first, but delay leaves the conflict and possible misdisclosure active during an open offering.

• Delaying until the next board meeting fails because an implicated UDP cannot control timing while the offering remains open.
• A written conflict disclosure and enhanced supervision are not enough because the board was bypassed and possible misleading distribution is already underway.
• Referring the matter to internal audit may help later, but it does not provide immediate independent escalation or client protection.

A conflicted UDP cannot control escalation of an active disclosure and supervision failure, so the CCO must act independently, protect clients, and consider prompt reporting.

Question 9

Topic: Element 6 — Duties, Liabilities and Defences

In Canadian corporate governance, what does acting in the best interests of the corporation primarily require when evaluating strategy?

• A. Maximizing short-term shareholder returns above all other considerations
• B. Implementing senior management’s preferred plan unless it is illegal
• C. Choosing the lowest-risk option regardless of corporate objectives
• D. Considering the corporation’s long-term interests and relevant stakeholder effects

Best answer: D

What this tests: Element 6 — Duties, Liabilities and Defences

Explanation: The duty is owed to the corporation itself, not only to shareholders, management, or any single constituency. In evaluating strategy, decision-makers should use informed, independent judgment about the corporation’s long-term interests while considering relevant stakeholder effects.

In Canadian corporate law and governance, acting in the best interests of the corporation means focusing on the corporation as the beneficiary of the duty. For strategic decisions, that requires good-faith, informed, and independent judgment about what will best advance the corporation’s interests over time. Decision-makers may consider the interests of stakeholders such as shareholders, employees, creditors, clients, and regulators, but those interests are considered because they are relevant to the corporation’s welfare, not because one group automatically ranks first.

A strategic choice is therefore not defined by short-term profit maximization, management preference, or simple risk avoidance. The key question is whether the decision responsibly supports the corporation’s long-term position and objectives. That is why the corporation-focused, long-term option is the best definition.

• The short-term shareholder-return choice is too narrow because the duty is not owed exclusively to current shareholders.
• The management-preference choice fails because directors and officers must exercise their own independent judgment.
• The lowest-risk choice fails because acting in the corporation’s best interests does not mean avoiding all risk regardless of strategy.

This standard is corporation-focused and requires informed, independent judgment about what best advances the corporation over time.

Question 10

Topic: Element 6 — Duties, Liabilities and Defences

The board of a CIRO-regulated Investment Dealer is asked to approve the purchase of a technology platform from an affiliate owned by one of the dealer’s directors. Management notes the price is about 20% above comparable bids, but the parent company wants the deal approved before quarter-end to support group integration. The CCO advises that operational due diligence is incomplete. Which board action best aligns with directors’ fiduciary obligations?

• A. Approve the deal now and ask compliance to complete its review after closing
• B. Defer the decision to management because fiduciary responsibility is primarily operational
• C. Require conflict disclosure and abstention, obtain independent advice, and decide based on the dealer’s best interests
• D. Approve the deal because the parent company’s strategic objective should prevail

Best answer: C

What this tests: Element 6 — Duties, Liabilities and Defences

Explanation: Directors of an Investment Dealer must act honestly and in good faith with a view to the best interests of the corporation itself. Where a director is conflicted and due diligence is incomplete, the board should use an independent, well-documented process before deciding.

The core fiduciary principle is loyalty to the corporation, exercised through an informed and conflict-managed decision process. In this scenario, the board cannot treat the parent company’s preference or the interested director’s position as decisive. The board should require full conflict disclosure, remove the interested director from the decision, obtain independent advice or valuation as needed, and assess whether the transaction is actually in the dealer’s best interests.

An informed process matters because directors are expected to exercise care, diligence, and independent judgment. Approving first and investigating later is weak governance, especially where operational due diligence is incomplete and the transaction is priced above comparable bids. The strongest board response is a conflict-free, well-documented decision focused on the dealer’s interests, not group pressure.

• Parent-company pressure does not override a director’s duty to act in the best interests of the dealer itself.
• Leaving it to management fails because the board cannot shed its own fiduciary responsibility on a material conflicted transaction.
• Approve now, review later is inconsistent with an informed decision process when key due diligence is still incomplete.

Directors must use a disinterested, informed process and act in the best interests of the dealer itself, not the interested director or parent company.

Continue with full practice

Use the CIRO CCO Practice Test page for the full Securities Prep route, mixed-topic practice, timed mock exams, explanations, and web/mobile app access.

Related focused pages

• Free CIRO CCO Full-Length Practice Exam
• CIRO CCO: Element 1 — General Regulatory Framework
• CIRO CCO: Element 2 — Compliance Function and Operation
• CIRO CCO: Element 3 — Dealer Business Model
• CIRO CCO: Element 4 — Offering and Distribution of Securities
• CIRO CCO: Element 5 — Corporate Governance and Ethics
• CIRO CCO: Element 7 — Risk Management and Internal Controls
• CIRO CCO: Element 8 — Compliance as Risk Management
• CIRO CCO: Element 9 — Significant Areas of Risk
• CIRO CCO: Element 10 — Reporting and Regulatory Actions
• CIRO CCO: Element 11 — Compliance Responsibilities
• CIRO CCO: Element 12 — CCO Responsibilities
• CIRO CCO: Element 13 — UDP Responsibility

Free review resource

Use the full Securities Prep practice page above for the latest review links and practice route.