Try 90 free CIRO Supervisor questions across the exam domains, with answers and explanations, then continue in Securities Prep.
This free full-length CIRO Supervisor practice exam includes 90 original Securities Prep questions across the exam domains.
The questions are original Securities Prep practice questions aligned to the exam outline. They are not official exam questions and are not copied from any exam sponsor.
Count note: this page uses the full-length practice count maintained in the Mastery exam catalog. Some exam sponsors publish total questions, scored questions, duration, or unscored/pretest-item rules differently; always confirm exam-day rules with the sponsor.
| Item | Detail |
|---|---|
| Issuer | CIRO |
| Exam route | CIRO Supervisor |
| Official route name | CIRO Supervisor Exam |
| Full-length set on this page | 90 questions |
| Exam time | 180 minutes |
| Topic areas represented | 9 |
| Topic | Approximate official weight | Questions used |
|---|---|---|
| Element 1 — General Regulatory Framework | 10% | 10 |
| Element 2 — Supervisory Structure | 10% | 10 |
| Element 3 — Business and Operations Supervision | 9% | 9 |
| Element 4 — Account Approval Supervision | 20% | 20 |
| Element 5 — Account Activity Supervision | 15% | 15 |
| Element 6 — Approved Persons Supervision | 8% | 8 |
| Element 7 — Trading and Market Rules Supervision | 6% | 6 |
| Element 8 — Communications and Research Supervision | 7% | 7 |
| Element 9 — Dealer Activity and Location Risks | 5% | 5 |
Topic: Element 2 — Supervisory Structure
Under CIRO expectations, which service model is generally exempt from an Investment Dealer’s product due diligence obligation for recommended securities because the firm does not make recommendations?
Best answer: A
What this tests: Element 2 — Supervisory Structure
Explanation: Order-execution-only service is the general exemption because the dealer is executing client-directed trades rather than recommending securities. Product due diligence is tied to advice or recommendations, so advisory and discretionary services are not exempt.
Product due diligence means the dealer must understand a security’s structure, risks, costs, features, and basic fit before approving it for use in recommendation-based channels. That dealer-level review supports know-your-product and suitability obligations. An order-execution-only service is generally exempt because the firm is not advising on or recommending the security; the client decides what to trade. By contrast, managed accounts, full-service advisory relationships, and model-portfolio services all involve dealer-selected or dealer-recommended products, so the dealer still needs product due diligence before those products are made available. The key distinction is whether the firm is recommending or selecting the product, not whether the product is common or the client is experienced.
An order-execution-only service is generally exempt because the client directs the trade without receiving a recommendation from the dealer.
Topic: Element 9 — Dealer Activity and Location Risks
A compliance manager is reviewing the annual registered-location audit plan. Under the firm’s program, low-risk locations are audited every 36 months. One registered location remains rated low risk, but since the last plan update it has taken over a large book of senior clients, added a new Approved Person under close supervision, and shown increased margin and options activity. Before approving the unchanged audit cycle, what should the manager verify first?
Best answer: D
What this tests: Element 9 — Dealer Activity and Location Risks
Explanation: The key issue is whether the location’s current risk profile still supports a low-risk classification. When client demographics, staffing, and product activity change, the supervisor should first confirm that the formal risk assessment was updated and still justifies the audit cycle.
This tests risk-based supervision of registered locations. A clean prior audit or a routine attestation does not, by itself, justify keeping a longer audit cycle when the location’s business has changed. Here, the location has several new risk indicators: more senior clients, a new Approved Person requiring closer oversight, and increased margin and options activity. The first thing to verify is the current location risk assessment and the evidence behind that rating, such as business mix, client profile, complaints, staffing, and supervisory capacity. If the assessment was not updated, or if it understates the new risks, the audit program may no longer match the location and may need a shorter cycle or broader scope. Other documents may still matter, but they do not first establish whether the low-risk classification remains valid.
Audit frequency should be based on the location’s current risk profile, so the first step is confirming whether the low-risk classification is still supported.
Topic: Element 4 — Account Approval Supervision
A branch manager is reviewing a new retail account request for margin approval. The account form shows annual income of $55,000, liquid assets of $15,000, investment knowledge limited, and objectives income and capital preservation. An internal note from the Approved Person says the client will sell a rental property next month and then trade actively. Firm policy says supervisors must resolve conflicts using the client’s current, documented KYC before reviewing other approval items. What should the branch manager verify first?
Best answer: C
What this tests: Element 4 — Account Approval Supervision
Explanation: The supervisor must start with the controlling account-opening record. Because firm policy requires conflicts to be resolved through current, documented KYC, the first question is whether updated, client-confirmed information actually supports margin now.
When account-opening facts conflict with an internal note or an expected future event, the supervisor should first verify the client’s current, documented KYC. In this file, the recorded income, liquid assets, knowledge, and objectives are conservative, while the Approved Person’s note relies on a future property sale that has not yet occurred. Since firm policy says the conflict must be resolved through current KYC before other approval items are reviewed, the key supervisory step is to confirm whether there is updated, client-confirmed account information that changes the present facts and supports margin approval. If there is no such documentation, the file does not support approval on its face. Required documents and ongoing supervision still matter, but they do not come before confirming that the account-opening facts themselves support the requested feature.
The conflict must be resolved through current, client-confirmed KYC, because future expected assets and later controls cannot support margin approval.
Topic: Element 5 — Account Activity Supervision
During cross supervision, a branch manager sees that an Approved Person’s personal account, the AP’s spouse’s account, and four retail client accounts all bought the same thinly traded issuer within 20 minutes. The issuer has been on the firm’s restricted list since last week because the dealer’s corporate finance group is working on a confidential mandate. Firm policy requires immediate escalation to Compliance when possible insider trading or restricted-list trading is suspected, and related orders may be temporarily blocked pending review. Which supervisory response is most appropriate?
Best answer: B
What this tests: Element 5 — Account Activity Supervision
Explanation: The deciding factor is timeliness of escalation. Because the trading involves related accounts in a restricted-list security and suggests possible misuse of confidential information, the supervisor should escalate at once and use any permitted temporary controls while Compliance reviews the matter.
This is a suspicious-activity and market-abuse issue, not just a routine account review issue. The issuer is already on the firm’s restricted list, and the coordinated trading by the Approved Person, the spouse, and multiple clients creates a credible concern about insider trading or restricted-list trading. In that situation, the supervisor should promptly escalate to Compliance, preserve the evidence, and use any firm-approved temporary control, such as blocking further related orders pending review. That response is designed to contain potential harm and support an independent review before more trading occurs. Asking the Approved Person for an explanation, focusing first on suitability, or waiting for a later report all delay escalation and could allow further improper activity.
Possible insider or restricted-list trading requires immediate escalation and available preventive action, not delayed routine review.
Topic: Element 2 — Supervisory Structure
An Investment Dealer’s branch manager will be away for three weeks. To avoid delays, she tells an experienced registered representative at the branch to complete daily trade-review sign-offs and approve new margin accounts, adding that she will review everything when she returns. The firm’s written supervisory system says only designated supervisors may conduct supervisory reviews or approve accounts, and any temporary alternate must be formally assigned and documented. Which action best aligns with CIRO supervisory expectations?
Best answer: A
What this tests: Element 2 — Supervisory Structure
Explanation: Supervisory sign-offs and account approvals are dealer actions, not merely administrative tasks. They must be performed by a qualified person with documented authority under the firm’s supervisory system, so the proper response is to assign a designated alternate supervisor and keep records of that arrangement and the work done.
The core issue is the difference between helping with supervision and having authority to act on the dealer’s behalf. A branch manager may rely on staff for preparation or escalation, but actual supervisory reviews and account approvals must be performed by someone who is qualified, designated, and authorized under the firm’s written supervisory system. In this scenario, the firm’s own controls state that only designated supervisors may perform those functions and that any temporary alternate must be formally assigned and documented. That means the dealer should put a qualified alternate supervisor in place, define the temporary authority, and retain evidence of the reviews completed. A later check by the absent branch manager does not fix an unauthorized approval. The key takeaway is that supervisory responsibility cannot be satisfied through informal delegation.
Supervisory reviews and account approvals must be done by a properly designated supervisor acting within documented authority.
Topic: Element 6 — Approved Persons Supervision
At a registered location, a branch manager reviews a new options account submitted by an Approved Person for an existing retail client. The client’s annual income and liquid assets on the new file are materially higher than on the KYC completed six months earlier. The Approved Person says the client confirmed the updates by phone and that a signed copy will be collected later. The firm allows e-signatures but requires a client-signed final form or e-sign audit trail showing approval of the final KYC before activation. What should the branch manager verify first before deciding whether the matter is a file deficiency or a conduct issue?
Best answer: D
What this tests: Element 6 — Approved Persons Supervision
Explanation: The first supervisory question is whether the client actually approved the changed account-opening information. If that evidence is missing, the concern is no longer just an incomplete file; it may indicate improper account-opening conduct that requires remediation or escalation.
When account-opening conduct is in doubt, the supervisor should first verify the authenticity of the client-approved record. Here, the material KYC changes increase the client’s apparent capacity for options trading, but the Approved Person says approval was only verbal and the signed copy will come later. Because the firm requires a client-signed final form or an e-sign audit trail before activation, the key first check is whether that evidence already exists.
Suitability analysis and training history matter, but they come after verifying that the account-opening record itself is legitimate.
Client authorization of the final KYC must be established first because, without it, the issue may be unauthorized alteration or falsification rather than incomplete paperwork.
Topic: Element 1 — General Regulatory Framework
At a registered location, a supervisor learns that an Approved Person has been forwarding daily trade blotters showing pending large client orders and client KYC documents from the firm’s system to a personal email account to work from home more quickly. The firm already provides approved secure remote access. There is no evidence yet of further sharing. What immediate supervisory action best addresses this red flag?
Best answer: B
What this tests: Element 1 — General Regulatory Framework
Explanation: Using personal email for trade blotters and KYC records is an immediate confidentiality and misuse risk because sensitive information has left firm-controlled systems. The supervisor should contain the issue at once and escalate it, rather than treating it as a routine coaching or training matter.
The core concept is immediate containment of confidential information once it has moved to an unapproved channel. Here, the Approved Person sent both client personal information and order-sensitive data to a personal email account even though approved secure remote access already exists. That creates privacy risk, weakens firm control over the records, and increases the chance of misuse or improper disclosure.
A supervisor’s first response should be to:
The supervisor does not need proof of client harm or wider sharing before acting. The key point is that personal convenience never justifies moving sensitive firm or client information outside controlled channels.
Immediate containment and escalation best protect confidential client and order information and allow the firm to assess scope before misuse occurs.
Topic: Element 2 — Supervisory Structure
An Investment Dealer adds a private credit fund to its approved shelf after reviewing only the issuer’s marketing deck and term sheet. The supervisor documents no analysis of liquidity, valuation, conflicts, or target market, and says a full review is unnecessary because the fund will be sold only under the accredited investor prospectus exemption. A client later complains about unexpected redemption limits. What is the most likely supervisory consequence?
Best answer: C
What this tests: Element 2 — Supervisory Structure
Explanation: Dealer-level product due diligence must be completed and documented before a product is approved for recommendation. Selling under the accredited investor prospectus exemption does not remove the dealer’s obligation to assess the product’s risks, liquidity, conflicts, and target market. The likely consequence is a sales pause until the review gap is fixed.
Product due diligence is a supervisory obligation of the Investment Dealer. It cannot be replaced by issuer marketing materials, subscription documents, or the fact that the product is sold under a prospectus exemption. Here, the product was placed on the shelf without documented review of key features such as redemption limits, valuation, conflicts, and intended client base, so the approval process itself is deficient.
A prospectus exemption addresses how a security may be distributed; it does not, by itself, exempt the dealer from knowing the product well enough to approve it for recommendations. The typical supervisory consequence is to stop or restrict further sales, complete and document the review, escalate the issue to compliance, and consider whether earlier recommendations need remediation. Stronger suitability notes or client acknowledgements do not cure a product that was never properly vetted in the first place.
A prospectus exemption affects distribution, not the dealer’s obligation to understand, assess, approve, and document the product before recommending it.
Topic: Element 5 — Account Activity Supervision
At a registered location, an Approved Person reports that an 81-year-old client wants $180,000 wired to a new account controlled by a neighbour. The client appears confused, the request is inconsistent with past behaviour, and the neighbour answers most questions. The branch manager places a temporary hold, but the file note says only large unusual transfer, does not explain why the client is considered vulnerable or exploited, and shows no reassessment while the hold remains in place. What is the most likely supervisory consequence?
Best answer: B
What this tests: Element 5 — Account Activity Supervision
Explanation: A temporary hold for suspected financial exploitation must be supported by documented reasonable grounds and reviewed while it continues. Here, the missing rationale and lack of reassessment create a real risk that the firm cannot justify the hold if challenged.
The core issue is whether the supervisor can show that the temporary hold met the required protective conditions and remained appropriate over time. Red flags such as confusion, a third party speaking for the client, and an unusual transfer may support an initial concern about possible financial exploitation of a vulnerable client. But the file should also show why the client was viewed as vulnerable, what facts supported suspected exploitation, and that the hold was reassessed while it remained in place. When documentation is weak and review is not evidenced, the downstream risk is not just poor optics; it is a complaint or compliance finding that the hold was improperly supported or improperly continued. Serious red flags help start the analysis, but they do not eliminate the need for supervisory documentation and ongoing review.
Without recorded reasons supporting vulnerability, suspected exploitation, and ongoing review, the firm may not be able to defend keeping the temporary hold in place.
Topic: Element 6 — Approved Persons Supervision
When a supervisor identifies an Approved Person engaging in an activity outside the dealer’s permitted scope, what is the best supervisory response?
Best answer: A
What this tests: Element 6 — Approved Persons Supervision
Explanation: An activity outside the firm’s permitted scope cannot be fixed by disclosure alone or by waiting. The supervisor should act promptly to stop the activity, escalate it internally, assess whether clients were affected, and document what was done.
The core concept is that unapproved activity outside the dealer’s permitted scope is a supervisory issue requiring immediate containment, not informal tolerance. A supervisor should direct the Approved Person to stop the activity unless and until the firm has assessed it, escalate the matter to compliance or the appropriate supervisory function, determine whether any clients were solicited or affected, and document the facts, review, and follow-up. This protects clients and the firm from conflicts, confusion about the dealer’s role, and business being conducted outside approved controls. If client impact is identified, the firm should consider remediation and any further escalation required by its framework. The key point is that prompt intervention and formal escalation are required; disclosure, delay, or personal separation are not enough.
A supervisor should promptly contain the unapproved activity, escalate it, review any client impact, and keep a clear record of the response.
Topic: Element 1 — General Regulatory Framework
Exhibit: Email campaign approval note
Based on the exhibit, what is the only supported supervisory action?
Best answer: D
What this tests: Element 1 — General Regulatory Framework
Explanation: The campaign should not be approved because multiple supervisory concerns are triggered at once. The exhibit shows unsupported electronic marketing consent for part of the list, use of identifiable client information, and a promotional statement that appears based on confidential, not-yet-public issuer information.
A supervisor should focus first on whether the communication is permissible at all. Here, the recipient evidence supports only current clients, while the purchased list relies on a vendor assertion rather than the dealer’s own support for sending commercial electronic messages. The attachment includes identifiable client information, creating a privacy and confidentiality problem. Most importantly, the recommendation refers to a coming issuer announcement after the Approved Person attended a private meeting under a confidentiality agreement, which raises a clear public-disclosure and material non-public information concern. The proper response is to stop the campaign, keep the record, and escalate to compliance before any distribution.
Partial edits do not cure the core confidential-information issue.
The exhibit shows unresolved CASL, privacy, and confidential-information concerns, so the campaign cannot be approved for any audience.
Topic: Element 7 — Trading and Market Rules Supervision
A branch manager receives the following report.
Exhibit: Automated-review exception report
Firm policy: Escalate immediately to Compliance if activity suggests possible
market manipulation or other suspicious trading; handle suitability or
concentration issues through routine supervision.
Issuer: North Shore Lithium Inc. (small-cap)
30-day average daily volume: 22,000 shares
May 14, 3:47 p.m.-3:59 p.m.
- 5 retail accounts, same Approved Person, same branch
- Total bought: 46,000 shares
- Client profiles: 4 income, 1 balanced
- Price moved up 17% during the 12-minute window
- 4 of 5 accounts sold all shares next morning at the open
- Approved Person note: "Clients heard the same story from a friend; instructions confirmed by phone"
What is the only supported supervisory action?
Best answer: D
What this tests: Element 7 — Trading and Market Rules Supervision
Explanation: This activity goes beyond an ordinary suitability or concentration issue. Several accounts tied to one Approved Person bought more than twice the issuer’s average daily volume late in the day, moved the price sharply, and most sold the next morning, which supports immediate escalation for suspicious trading review.
This is a gatekeeping issue. Routine supervision is appropriate for concerns such as concentration, KYC fit, or incomplete notes, but the exhibit shows multiple red flags of possible suspicious trading: coordinated activity across several accounts linked to one Approved Person, trading volume that exceeds the issuer’s normal daily activity, a sharp late-day price move, and rapid liquidation the next morning. The firm’s policy specifically says those patterns must be escalated immediately to Compliance. The note that clients gave instructions does not remove the market-conduct concern; authorized trades can still be suspicious. Suitability follow-up may also be needed, but it does not replace prompt escalation when the pattern suggests possible manipulation or other suspicious trading.
The coordinated late-day buying, strong price impact, and next-day selling trigger immediate escalation for possible suspicious trading.
Topic: Element 4 — Account Approval Supervision
At account opening, a supervisor reviews a draft relationship disclosure document for a fee-based account. It says the client will receive periodic “portfolio performance” reports, but it does not say whether the return shown is before or after fees and charges. The supervisor requires the document to state clearly whether reported returns are gross or net of fees. Which function does this disclosure best match?
Best answer: D
What this tests: Element 4 — Account Approval Supervision
Explanation: The issue is clarity of performance reporting. In a fee-based account, saying “portfolio performance” without stating whether returns are gross or net of fees can mislead clients about what they actually earned, so the added wording makes the disclosure complete and fair.
When a relationship disclosure document refers to performance reporting, a supervisor should consider how a reasonable client will interpret the result shown. In a fee-based account, performance stated without clarifying whether fees and charges are included can be incomplete or misleading because gross returns may look better than the client’s actual outcome. Requiring clear wording that the figure is gross or net is a reporting-control feature designed to improve transparency and help clients interpret results properly.
This control is about fair client reporting, not account authority or another disclosure regime. Margin-risk disclosure addresses borrowing risks, discretionary authority is established through the proper approval and agreement, and complaint escalation disclosure serves a different client-protection purpose.
If performance is shown without saying whether fees are included, a client may overestimate what the account actually earned.
Topic: Element 8 — Communications and Research Supervision
At a small Investment Dealer, the designated Supervisor for equity research is also the sector analyst covering Northern Lithium and has drafted an update report on the issuer. The firm is currently seeking investment banking business from Northern Lithium, and an alternate designated Supervisor in another office is available before the report’s planned pre-market release. Which action best aligns with CIRO supervisory expectations?
Best answer: A
What this tests: Element 8 — Communications and Research Supervision
Explanation: Research must be approved before dissemination by a qualified, independent Supervisor. Here, the usual designated Supervisor is conflicted and effectively reviewing her own work, so documented cross-supervision by the alternate designated Supervisor is the best course.
The core principle is independent, documented pre-use supervision of research. When the usual designated Supervisor is personally involved in the report or has a live conflict tied to the issuer, the firm should use cross-supervision by another qualified designated Supervisor who is outside the conflict. That reviewer should assess the report before release, including whether required disclosures are present and whether analyst independence and information barriers have been respected.
Disclosure alone does not cure conflicted self-approval, and a review after publication is too late because the supervisory control is meant to prevent improper dissemination. Sales management also should not replace designated research supervision. The key takeaway is that research review must remain independent, properly approved, and well documented.
A conflicted designated Supervisor should not approve her own research, so an independent alternate must complete and document the pre-use review.
Topic: Element 3 — Business and Operations Supervision
A dealer is assessing whether its supervision structure supports effective escalation at a registered location.
Exhibit: Location-audit note
Based on the exhibit, which supervisory action is most appropriate?
Best answer: A
What this tests: Element 3 — Business and Operations Supervision
Explanation: The exhibit shows a structural escalation weakness, not just a documentation problem. Concerns about the top team can be filtered through supervisors whose compensation is tied to that team’s production, so the dealer should provide an independent escalation path.
The core issue is whether the dealer’s structure allows material concerns to reach an independent supervisory or compliance function promptly. Here, the branch manager is tied directly to the team under review, the next escalation point is a sales leader whose bonus depends on branch production, and compliance is informed only after that sales chain is used. That design creates a real risk that problems will be delayed, softened, or never escalated fully.
A sound response is to:
Better note-taking or waiting for more evidence does not correct a conflicted escalation structure.
The current path is conflicted because the branch manager and Regional VP both have sales-linked interests in the team being reviewed.
Topic: Element 6 — Approved Persons Supervision
During daily exception review, a branch manager sees that a 72-year-old retired client with annual income of $48,000 held mainly GICs and bond funds for years. Two days before an Approved Person bought a leveraged sector ETF in the client’s margin account, the client’s KYC was changed from income/low risk to growth/high risk. The file has no note explaining the change or any evidence of a client discussion. What is the best immediate supervisory action?
Best answer: C
What this tests: Element 6 — Approved Persons Supervision
Explanation: This pattern suggests a possible KYC manipulation and suitability failure. The supervisor should act immediately to verify the client’s true profile, review the recommendation, and stop further similar activity until the concern is resolved.
The core concept is immediate supervisory intervention when a KYC change appears to have been made to fit a risky recommendation rather than reflect the client’s actual circumstances. Here, the client is retired, lower income, historically conservative, and suddenly coded as growth/high risk just before a leveraged ETF purchase in a margin account, with no supporting notes or evidence of a client discussion. That combination is a clear client-protection concern.
A signature or later documentation does not cure an unsupported KYC change.
An unexplained KYC change that appears to justify a high-risk product is a serious client-protection red flag requiring immediate review and restriction of further similar activity.
Topic: Element 5 — Account Activity Supervision
A dealer’s post-review escalation matrix is used after daily and monthly supervision. Its function is to separate routine exceptions that can be documented and closed from findings that require additional supervisory action, investigation, or escalation to compliance. Which finding best matches the type of issue this matrix is designed to escalate?
Best answer: A
What this tests: Element 5 — Account Activity Supervision
Explanation: The escalation matrix is meant for exceptions that may indicate unauthorized activity, client harm, or a broader control failure. A complaint alleging an improper transfer fits that purpose because the supervisor must verify authorization, secure records, investigate, and involve compliance.
The key distinction is between a routine exception that is isolated, explained, and corrected, and a finding that could involve misconduct, unauthorized activity, or ongoing risk. A client complaint alleging an improper transfer is not something a supervisor should close with simple documentation. It raises possible misuse of client assets, deficient authorization controls, and direct client harm, so the supervisor should preserve evidence, confirm instructions and signatures, review related account activity, and escalate under the firm’s complaint and compliance process.
By contrast, an operational issue that is fully explained and promptly corrected, or a properly approved hold-mail request, may be documented and closed if no broader concern is present. The closest distractor is the brief margin deficiency, but the stem says it was cured promptly and showed no pattern.
An allegation of an unauthorized transfer suggests possible client harm or misconduct, so it requires investigation and escalation, not just a review note.
Topic: Element 4 — Account Approval Supervision
A branch manager is reviewing a request to approve a retail client for uncovered equity option trading. The new account form shows annual income of $48,000, liquid net worth of $40,000, investment knowledge “limited,” and objectives of income and capital preservation with low-to-medium risk tolerance. The options agreement and derivatives risk disclosure are signed. The Approved Person adds a note that the client attended an options webinar and wants “monthly cash flow.” What is the primary supervisory red flag?
Best answer: C
What this tests: Element 4 — Account Approval Supervision
Explanation: The main approval issue is whether the requested derivatives permission is appropriate for this client. Limited knowledge, conservative objectives, and modest liquid assets are a clear red flag for uncovered options, even if the client signed the required disclosures and attended a webinar.
For derivatives account approval, a supervisor must look past signed forms and assess whether the requested permission fits the client’s KYC, investment knowledge, objectives, risk tolerance, and financial ability to sustain losses. Uncovered options can create large or rapid losses, so a profile showing limited knowledge, income and capital-preservation objectives, low-to-medium risk tolerance, and modest liquid net worth is a strong mismatch. A note that the client attended a webinar or wants monthly cash flow does not establish that the client truly understands the strategy or can bear its downside. The key supervisory concern is the appropriateness of the approval itself, not whether ancillary documentation or broader branch controls also need attention.
Signed disclosures do not overcome a clear mismatch between uncovered option risk and the client’s KYC, knowledge, and financial capacity.
Topic: Element 5 — Account Activity Supervision
A supervisor reviews a commission-based RRIF for a 72-year-old retail client. The client’s KYC shows low risk tolerance, income needs, and limited investment knowledge. During monthly supervision, which observation is LEAST indicative of a retail-account red flag requiring follow-up?
Best answer: D
What this tests: Element 5 — Account Activity Supervision
Explanation: A single documented rebalance into a diversified bond ETF after an updated KYC is generally consistent with ongoing suitability supervision. The other observations point to classic retail-account red flags: undue concentration, excessive trading, or a conflict between the Approved Person and the client’s activity.
The key supervisory distinction is between normal suitability-based account maintenance and activity that suggests potential client harm or conflicted advice. For a low-risk, income-oriented RRIF, a one-time rebalance into a diversified bond ETF after a documented KYC update is ordinarily aligned with the client’s profile and does not, by itself, indicate unsuitable trading. In contrast, very high exposure to one speculative issuer raises concentration and suitability concerns; repeated short-term trades that increase commissions without a client-driven reason suggest excessive trading; and recommending a security in which the Approved Person has a financial interest raises a conflict that requires close review and possible escalation under firm policy. Supervisors look for patterns that do not fit the client’s objectives, risk tolerance, knowledge, or best interests.
It reflects a suitability-based adjustment to updated KYC, not a classic retail-account red flag.
Topic: Element 6 — Approved Persons Supervision
A supervisor reviews a new-account package for a retail client. The file is coded as an advisory margin account. In the Approved Person’s notes, the client is described as “often unreachable” and as having “authorized me to switch between model-portfolio positions and use margin when opportunities arise; I will confirm trades afterward.” No managed-account agreement or discretionary authorization is attached. Before approving or escalating the file, what should the supervisor verify first?
Best answer: A
What this tests: Element 6 — Approved Persons Supervision
Explanation: The first issue is correct account classification and permitted authority. The notes imply the Approved Person may choose trades and margin use without prior client instructions, so the supervisor must first determine whether this is actually a managed or discretionary relationship.
Account-opening supervision starts with the correct account type and the authority the client is giving to the Approved Person. A standard advisory margin account assumes the client approves each trade before the order is entered. Here, the notes say the Approved Person may switch positions and use margin “when opportunities arise” and only confirm afterward. That creates a threshold concern that the account may be misclassified or that unauthorized discretion is being proposed.
A margin agreement, leverage disclosure, and margin suitability review are still necessary, but they come after the supervisor resolves whether the account is being opened under the correct authority.
The notes suggest trades may occur without prior client instructions, so the first supervisory step is to confirm whether the account is really discretionary rather than advisory.
Topic: Element 4 — Account Approval Supervision
A branch manager is comparing approval of two new institutional accounts. Both clients want dealer recommendations rather than execution-only service.
Which supervisory approach best fits Client B at account approval?
Best answer: A
What this tests: Element 4 — Account Approval Supervision
Explanation: The deciding factor is whether a suitability exemption has been established and documented. Because Client B does not have that exemption, the supervisor should approve it as a non-exempt institutional account and ensure normal suitability oversight applies to recommendations.
The core concept is that institutional status alone does not remove the dealer’s suitability obligation. For Client B, the file shows authority documents and KYC, but no documented basis for a suitability exemption. That means the supervisor must use the non-exempt approval path: confirm the account is appropriate, maintain sufficient client information, and ensure recommended activity is subject to the firm’s regular suitability supervision.
A supervisor cannot treat the account as exempt just because it is an institutional relationship, and the client cannot waive away the dealer’s obligation through a blanket acknowledgment. Recasting the relationship as unsolicited-only also does not fit the stated facts, because the client wants recommendations. The key takeaway is that exemption must be established and documented; otherwise, full suitability controls remain in place.
Without a documented suitability exemption, the account must be approved and supervised under the firm’s normal suitability controls.
Topic: Element 4 — Account Approval Supervision
In CIRO account-opening supervision, an institutional client requests a derivatives-enabled margin account. What does account appropriateness primarily mean in this context?
Best answer: C
What this tests: Element 4 — Account Approval Supervision
Explanation: Account appropriateness asks whether the requested account type and permissions fit the client. For an institutional client, the supervisor focuses on the client’s authority, sophistication, intended use, and capacity to understand and bear the risks of margin and derivatives.
Account appropriateness is an account-opening judgment about the fit between the requested account structure and the client. For an institutional client seeking a derivatives-enabled margin account, the supervisor should consider the client’s legal authority, intended use of the account, experience and sophistication, financial resources, operational capacity, and ability to understand and bear the risks of margin and derivatives. The issue is whether the account should be opened with those features and approvals at all. It is not the same as reviewing each later trade, and it is not replaced by labels such as institutional client or qualifying hedger. Those classifications may affect how some rules apply, but the supervisor still must determine that the account itself is appropriate.
Account appropriateness is about whether the requested account type and permissions fit the client’s circumstances, authority, sophistication, and ability to bear the risks.
Topic: Element 4 — Account Approval Supervision
Which update to account-opening information would typically require new approval action by the appropriate supervisor, rather than routine record maintenance?
Best answer: B
What this tests: Element 4 — Account Approval Supervision
Explanation: A new approval action is generally required when the change materially affects the nature of the account or the risks the client can assume. Moving from a cash account to a margin account does that, so it needs supervisory approval rather than simple file maintenance.
The key concept is whether the update is merely administrative or whether it changes the account’s approval basis. Administrative updates, such as contact details or minor clerical corrections, usually require the dealer to update its records and verify the change as needed, but they do not normally create a new approval event.
By contrast, converting a cash account to a margin account changes the account’s permitted activity, risk profile, and required documentation. That means the supervisor must treat it as more than housekeeping and complete the appropriate approval review before the new account feature is used.
A useful test is: does the change alter account type, authority, or core risk exposure? If yes, new approval action is typically required.
Changing the account type to margin changes the account’s features and risks, so it normally requires a new approval review and supporting documentation.
Topic: Element 4 — Account Approval Supervision
A branch manager reviews a new-account package for Prairie Fuel Co., a corporate treasury client seeking a derivatives account to hedge diesel purchases. The file includes financial statements, a board resolution, authorized traders, KYC on business purpose and risk tolerance, and evidence supporting the client’s qualifying-hedger status. The approval note says only, “Sophisticated client; institutional treatment requested.” Which missing element is the decisive approval deficiency?
Best answer: A
What this tests: Element 4 — Account Approval Supervision
Explanation: Before approving a new account, the firm must determine whether the account itself, including its permissions, is appropriate for the prospective client. A client’s sophistication or qualifying-hedger status does not replace a documented account-appropriateness assessment.
Account appropriateness is a front-end approval requirement. The supervisor should be able to see, from the approval file, that the firm considered whether opening this type of account, with these specific permissions, fits the prospective client’s circumstances, objectives, experience, and intended use.
Here, the file supports authority, financial capacity, business purpose, risk tolerance, and qualifying-hedger status. The real gap is that the approval note never documents the required judgment that the derivatives account itself is appropriate for Prairie Fuel Co. Institutional-client treatment or qualifying-hedger status may change how suitability is handled, but they do not eliminate the need to assess and evidence account appropriateness at account opening.
The key takeaway is that status classification and client sophistication are not substitutes for a documented approval decision on account appropriateness.
The supervisor must have evidence that opening this account, with its proposed services and trading authority, is appropriate before approval.
Topic: Element 4 — Account Approval Supervision
A supervisor at a registered location is asked to approve a new retail margin account before market close so the client can place a trade the same day. Firm policy says KYC used for approval must be updated if it is more than 12 months old. The only signed KYC form on file is from 13 months ago, today’s electronic application shows high risk tolerance and long-term growth, but the Approved Person’s notes say the client needs most of the funds for a condo purchase in 9 months and wants low volatility. The signed margin agreement is also missing. What is the best supervisory decision?
Best answer: D
What this tests: Element 4 — Account Approval Supervision
Explanation: The file has three separate approval blockers: stale KYC under firm policy, inconsistent client information, and a missing margin agreement. A supervisor should not approve the account until the records are current, complete, and internally consistent.
Account approval depends on records being complete, current, and reliable enough for the supervisor to assess the account and its features. In this scenario, the file cannot support approval because the KYC is stale under the firm’s stated policy, the application conflicts with the Approved Person’s notes on time horizon and risk needs, and the required margin agreement is missing. Those are substantive deficiencies, not minor administrative items.
Before approving, the supervisor should require:
Same-day trading pressure does not override the need for complete and consistent approval records.
Approval should be blocked because the file is stale under firm policy, internally inconsistent, and missing a required margin document.
Topic: Element 1 — General Regulatory Framework
A branch manager is reviewing four disclosure requests from an Approved Person, all made before any arrangement begins. The dealer’s policy, consistent with CIRO expectations, permits borrowing from or lending to a client only if the client is an immediate family member and prior approval is obtained. It also permits documented, approved limited trading authorizations that do not allow discretion or withdrawals, and executor or attorney-for-property roles only for immediate family members with prior approval. Which request is NOT acceptable?
Best answer: D
What this tests: Element 1 — General Regulatory Framework
Explanation: The prohibited request is the loan to the non-family client. Under the stated policy and CIRO expectations, personal financial dealings such as borrowing from or lending to clients are only exempt in narrow situations, typically involving immediate family and firm approval.
The key issue is whether the arrangement creates an impermissible personal financial conflict or fits a narrow, supervised exception. Lending money to a non-family client is generally prohibited because it creates a direct financial relationship between the Approved Person and the client, which can impair objectivity and expose the client to pressure or exploitation. A written agreement, emergency purpose, or long-standing relationship does not remove that conflict.
Under the stated facts, the other requests fit permitted exceptions:
The supervisor should reject the non-family loan; disclosure does not make a prohibited personal financial dealing acceptable.
Lending to a non-family client is a prohibited personal financial dealing, even if the loan is short term and intended to help.
Topic: Element 3 — Business and Operations Supervision
At a registered location, a branch manager plans to begin selling autocallable notes to retail clients. The notes have contingent coupons, early-call features, and principal is at risk if a barrier is breached. The firm already sells broad-market ETFs and investment-grade bonds, and the draft supervision plan would review all three product lines the same way. Which action best aligns with CIRO supervisory expectations?
Best answer: A
What this tests: Element 3 — Business and Operations Supervision
Explanation: Supervisory attention should increase when product complexity increases. A retail product with barrier risk, contingent payments, and early-call features should have product-specific controls rather than being supervised the same way as plain-vanilla ETFs or investment-grade bonds.
The core principle is risk-based supervision. When a firm adds a more complex product for retail clients, the supervisor should adjust the intensity of oversight to reflect the product’s structure, the chance of client misunderstanding, and the suitability risk. In this scenario, using the same review process applied to simpler products would not be enough.
Appropriate enhanced supervision can include:
Product approval is only the starting point. Ongoing supervision must be proportionate to the complexity and client risk of the product being sold.
Complex products require supervision proportionate to their features and risks, including targeted training, enhanced suitability oversight, and manual review of exceptions.
Topic: Element 4 — Account Approval Supervision
Which statement best describes the account appropriateness requirement for a prospective client?
Best answer: C
What this tests: Element 4 — Account Approval Supervision
Explanation: Account appropriateness is about the overall fit of the proposed account for the prospective client. It is assessed at account opening and focuses on the account relationship being offered, not on predicting every future trade or merely checking paperwork.
The core concept is that, before approving a new account, the dealer must determine whether opening that account is appropriate for the prospective client based on the client’s circumstances and the features of the relationship being offered. That includes the account type, the services available, and the products the client may access through the account. This is a supervisory and firm-level approval question, separate from recommendation suitability, which is assessed for specific securities or strategies. It is also more than an administrative check that forms are complete. If the proposed account relationship does not fit the client’s circumstances, the account should not be approved in that form.
Account appropriateness is a front-end assessment of whether the overall account relationship being offered is suitable to open for that client.
Topic: Element 6 — Approved Persons Supervision
At an Investment Dealer, a supervisor oversees Approved Persons serving both retail and institutional clients. Which action best reflects the supervisor’s responsibility for suitability oversight?
Best answer: C
What this tests: Element 6 — Approved Persons Supervision
Explanation: Suitability supervision is ongoing for retail business, not a one-time formality. For institutional clients, a supervisor cannot assume reduced or different suitability treatment applies unless the client’s status and supporting documentation have been properly established.
The core supervisory duty is to ensure the firm’s suitability framework is applied correctly to each client type. For retail clients, supervisors must oversee whether recommendations and account activity are suitable based on current KYC and the client’s circumstances. For institutional clients, supervisors may oversee a different framework, but only after confirming the account has been properly classified and that the required documentation supporting that treatment is in place. A supervisor cannot substitute relationship disclosure for suitability review, cannot rely on a client’s sophistication alone, and cannot limit oversight to new-account approval. Suitability supervision includes both proper account setup and ongoing review of recommendations and activity.
Supervisors must oversee retail suitability and confirm that any different treatment for institutional clients is properly supported and documented before it is relied on.
Topic: Element 4 — Account Approval Supervision
A dealer’s account-opening system includes this control: if a new file requests institutional-client treatment or qualifying-hedger status, and the documentation does not clearly establish eligibility or the account’s appropriateness is unclear, the specialized code is blocked and the file is sent to the designated supervisor. Which approval response best matches this control?
Best answer: A
What this tests: Element 4 — Account Approval Supervision
Explanation: This safeguard is an approval gate, not a post-opening monitoring tool. Its purpose is to prevent institutional-client or qualifying-hedger coding until eligibility is supported and a supervisor resolves any appropriateness uncertainty.
The core concept is exception-based account approval. When a client asks for institutional-client treatment or qualifying-hedger status, the firm cannot rely on assumptions such as sophistication, trading experience, or later follow-up if the file does not clearly support that status. If eligibility is unclear or the account’s appropriateness is uncertain, the proper response is to pause the specialized approval, escalate the file, and complete a manual review before applying the designation.
This matters because the requested status can affect how the account is approved and supervised. A file should not enter a different supervisory stream until the firm has adequate support for that treatment. Later monitoring may detect problems, but it does not correct an improper initial approval decision.
The control is designed to stop institutional or qualifying-hedger coding until a supervisor confirms the status and resolves any appropriateness uncertainty.
Topic: Element 4 — Account Approval Supervision
A supervisor is reviewing a new retail account at an Investment Dealer. Based on the exhibit, which supervisory action is the only supported one?
Exhibit: New account approval checklist
Requested account: Individual cash account with margin feature
Client wants first trade entered today
KYC and relationship disclosure: Complete
Trusted contact person: Declined by client
Margin agreement: Pending e-signature
Leverage risk disclosure: Signed
AP note: ‘Approve now; signed margin agreement will arrive tomorrow.’
Firm policy: ‘If core account-opening documents are complete, the base cash account may be opened. A margin feature may be activated only after a signed margin agreement is on file. Supervisors cannot waive this requirement.’
A. Open the base cash account only and defer margin approval until the signed agreement is on file.
B. Approve the full margin account because the leverage risk disclosure is already signed.
C. Approve the margin feature conditionally if the agreement is expected tomorrow.
D. Reject the entire account because the client declined a trusted contact person.
Best answer: A
What this tests: Element 4 — Account Approval Supervision
Explanation: The decisive issue is the conflict between the AP’s request for immediate margin approval and the firm’s non-waivable policy. Since the core account-opening documents are complete, the supervisor may open the base cash account, but must hold the margin feature until the signed agreement is on file.
Supervisors must apply firm policy as written when approving account features. Here, the exhibit states two things clearly: the core account-opening documents are complete, and margin cannot be activated until a signed margin agreement is on file. That means the supervisor can approve only what the documentation currently supports.
A signed leverage risk disclosure does not replace the margin agreement, and the AP’s expectation that the agreement will arrive tomorrow does not permit a waiver. The client’s decision to decline a trusted contact person is also not, by itself, a reason to reject the account when that choice is properly documented.
The key takeaway is to approve the account only to the extent supported by current documentation and firm policy, not by expected follow-up.
Firm policy allows the base account to open but expressly prohibits margin activation until the signed margin agreement is received.
Topic: Element 2 — Supervisory Structure
At a registered location, a leveraged purchase triggered a suitability exception. Firm policy allows client-record changes only to correct an error or record genuinely new client information, and requires unique user IDs, evidence of the client’s instruction, a reason for the change, and supervisory review of any post-trade KYC amendment. The branch manager sees that 15 minutes after the trade, the client’s risk tolerance changed from “medium” to “high” using a shared branch login. The file note says only, “client confirmed by phone.” What is the primary supervisory red flag?
Best answer: C
What this tests: Element 2 — Supervisory Structure
Explanation: The core issue is record integrity. A post-trade KYC change made through a shared login, with only a vague note and no clear client instruction, is a serious supervisory red flag because the firm cannot show who changed the record, why it was changed, or whether the amendment was legitimate.
Client records can be amended, but only to correct an actual error or to reflect genuinely new client information. The supervisor’s key concern is whether the amendment process preserves record integrity through controlled access, a reliable audit trail, supporting evidence, a stated reason for the change, and supervisory review when the timing is sensitive. Here, the KYC change occurred after a leveraged trade triggered a suitability exception, it was entered through a shared login, and the file has only a vague phone note. That combination raises a strong risk that the record was altered to fit the trade rather than updated for a valid client-driven reason. Other process issues may exist, but they are secondary to the breakdown in access and amendment controls.
Client records may be amended only for a valid reason with attributable access and supporting evidence, which are missing here.
Topic: Element 6 — Approved Persons Supervision
An Approved Person submits four new non-individual account files. Firm policy allows institutional-client treatment only when the file shows the entity’s legal existence, who may bind it, and that the entity itself has at least CAD $25 million in net assets. Which file is most appropriate to approve under that policy?
Best answer: A
What this tests: Element 6 — Approved Persons Supervision
Explanation: For a non-individual account, the supervisor must see both valid signing authority and proof that the entity itself qualifies for institutional-client treatment. Only the limited partnership file provides entity documentation, authorized representation through the general partner, and net assets above the stated threshold.
The key supervisory issue is documentation quality for the entity, not the sophistication or wealth of the individual signer. Before approving institutional-client treatment, the file must establish the entity’s legal existence, identify who can bind the entity, and show that the entity itself meets the firm’s net-asset standard. A corporation is not qualified by an officer’s personal wealth, and a trust cannot be properly opened if the signing does not match the trust deed. For a limited partnership, the general partner usually has authority to bind the partnership, so a general partner resolution naming the trading officer is the critical authority document. With entity documentation on file and audited net assets above CAD $25 million, that file supports approval. The trust file is the closest distractor because the assets are sufficient, but the signing authority is defective.
This file documents both the partnership’s authority through its general partner and that the entity itself meets the institutional threshold.
Topic: Element 5 — Account Activity Supervision
A supervisor reviews four retail client files for CFD trading. Firm policy says every retail CFD account must already have derivatives approval and the client must have acknowledged the firm’s CFD risk disclosure. If the Approved Person will decide when to trade, the account must also be an approved managed account with a signed managed account agreement. Which file is the best one to approve if the Approved Person will place trades without obtaining order-by-order instructions?
Best answer: B
What this tests: Element 5 — Account Activity Supervision
Explanation: The decisive factor is discretionary authority. Because the Approved Person will choose when to trade CFDs for a retail client, the account must be formally approved as a managed account and supported by a signed managed account agreement, not just by general consent or trading instructions.
Retail CFD supervision focuses on both product restrictions and who is making the trading decision. In the scenario, derivatives approval and CFD risk disclosure are already complete for every file, so those are not the differentiators. The key issue is that the Approved Person will trade without obtaining order-by-order instructions, which is discretionary trading. For a retail client, that requires a properly approved managed account with a signed managed account agreement.
Informal client consent, limited trading authorization, or standing instructions may help with executing client-directed orders, but they do not convert a regular retail account into a managed account or create broad discretion to trade CFDs. A supervisor should approve the file only when the authority, account status, and documentation all support discretionary derivative activity. The closest distractor is limited trading authorization, which still does not permit the Approved Person to decide whether and when to trade.
Only the approved managed account has the documented discretionary authority required for retail CFD trading without order-by-order client instructions.
Topic: Element 2 — Supervisory Structure
A branch manager receives the dealer’s daily automated suitability-surveillance report. The firm’s written supervisory procedures state: “If a surveillance rule is Excluded or returns Error, the supervisor must manually review the activity the same day, document the review, and notify Compliance of the control gap.”
Exhibit: Automated-review exception report
| Account | Activity | Engine status | Reason |
|---|---|---|---|
| 4587 | Buy $85,000 principal-protected note | Excluded | New product class not mapped after system update |
| 6124 | Sell $12,000 Canadian equity ETF | Cleared | No exception detected |
Which supervisory action is the only one supported by the exhibit?
Best answer: C
What this tests: Element 2 — Supervisory Structure
Explanation: Automation supports supervision, but it does not replace the supervisor’s responsibility when the system does not actually review an item. Because the note trade is marked Excluded, the supervisor must follow the firm’s manual-review and escalation process.
The core concept is that automated supervision is a tool, not a transfer of accountability. A supervisor remains responsible for understanding what the automated process covers, recognizing when it does not run or does not apply, and using manual controls when required.
In the exhibit, Cleared and Excluded mean very different things. The ETF trade was reviewed by the system and no exception was detected. The note trade was not assessed by the surveillance rule at all because the product class was not mapped after a system update. Under the stated written supervisory procedures, that gap triggers same-day manual review, documentation, and notice to Compliance.
A later system fix or rerun may help with remediation, but it does not remove the supervisor’s immediate responsibility to supervise the affected activity manually.
The note trade was excluded from the automated rule set, so the supervisor must apply the stated manual-review fallback and escalate the control gap.
Topic: Element 5 — Account Activity Supervision
A branch manager reviews the supervisory file for a discretionary managed account approved for listed options. The file contains the signed managed-account agreement, evidence that required derivatives-risk disclosure was delivered, monthly exception reports with supervisor sign-offs, and portfolio manager notes from an annual client call. Those notes say the client has retired, will rely on the account for income, and now has a shorter time horizon and lower tolerance for loss. Which required documentation is missing or deficient?
Best answer: D
What this tests: Element 5 — Account Activity Supervision
Explanation: The decisive deficiency is the absence of a retained updated client assessment after a material change in the client’s circumstances. In managed-account and derivatives supervision, existing agreements, disclosure delivery, and routine exception sign-offs do not replace documented evidence that the client’s current profile was reassessed and the ongoing strategy was reviewed against it.
When a client reports a material change such as retirement, a shorter time horizon, or lower loss tolerance, supervision must be supported by retained documentation showing the client assessment was updated and the ongoing account activity was reviewed against that updated profile. That is especially important for discretionary managed accounts using derivatives, because supervisors must be able to evidence not just that required agreements and disclosures existed, but that current activity remained appropriate in light of the client’s changed circumstances.
Here, the file already shows routine controls: the managed-account agreement is on file, required derivatives-risk disclosure was delivered, and monthly exception reports were reviewed. The missing piece is the documented updated client assessment and related supervisory suitability review tied to the new facts from the annual call. Administrative enhancements or duplicate records do not cure that core gap.
The key takeaway is that supervision must leave an audit trail of current client assessment, not just historical setup documents and periodic report sign-offs.
A material change in circumstances requires retained evidence of an updated client assessment and supervisory review of whether the strategy still fits the client.
Topic: Element 5 — Account Activity Supervision
During cross supervision, a branch manager notices three journals in one week moving cash from a senior retail client’s margin account to an unrelated client’s cash account serviced by the same Approved Person. The client also complained the previous day that she did not recall authorizing the transfers, and no client instructions are on file. Which supervisory response best fits these facts?
Best answer: B
What this tests: Element 5 — Account Activity Supervision
Explanation: This is more than a documentation issue. A client complaint tied to repeated transfers to an unrelated account, with no evidence of authorization, requires prompt escalation and independent verification because the facts suggest possible improper or unauthorized activity.
When supervisory review reveals a complaint that is connected to current account activity and there is no evidence of client authorization, the matter moves beyond routine documentation. Here, the repeated transfers from one client’s margin account to an unrelated client’s account, all through the same Approved Person, create possible improper-transfer and suspicious-activity concerns with immediate client-impact risk.
Documentation is still required, but it supports the investigation; it does not replace escalation when the facts suggest possible misconduct or client harm.
A linked complaint, repeated third-party transfers, and missing client instructions create immediate client-harm risk that requires escalation and independent verification.
Topic: Element 2 — Supervisory Structure
An Investment Dealer revises its policy on complaint escalation and temporary holds after finding inconsistent handling across branches. The revised procedures take effect next Monday and apply to supervisors, Approved Persons, and client service employees. Which communication approach best supports the firm’s supervisory obligations?
Best answer: D
What this tests: Element 2 — Supervisory Structure
Explanation: Policies and procedures should be communicated actively, not merely made available. Because the revised procedures take effect next Monday and affect multiple roles, the strongest approach is targeted training before implementation with documented acknowledgements and follow-up for anyone missed.
The core concept is that an effective supervisory system requires policies and procedures to be communicated in a timely, clear, role-appropriate, and evidencable way to employees and Approved Persons. When a change affects complaint escalation and temporary holds, the firm should not rely only on passive access or informal messaging, because inconsistent understanding can create supervisory gaps and client harm.
A sound rollout should include:
Posting a policy, sending a general email, or using verbal summaries may support communication, but on their own they do not adequately demonstrate that the firm communicated the new requirements effectively before they became operational.
This approach is timely, role-specific, and documented, giving the firm evidence that affected staff received and understood the new procedures before they took effect.
Topic: Element 7 — Trading and Market Rules Supervision
An Investment Dealer is redesigning its trading supervision program after opening two new registered locations, adding listed options trading, and hiring several new Approved Persons. One desk recently generated repeated trade-correction exceptions, and a branch had a past disciplinary issue. Which design choice is NOT consistent with a risk-based trading supervision system?
Best answer: C
What this tests: Element 7 — Trading and Market Rules Supervision
Explanation: Risk-based trading supervision should be tailored to where trading and conduct risk is greatest. The dealer’s new offices, options activity, registrant concentration, prior issues, and current exceptions support differentiated review, not a one-size-fits-all model.
The core concept is proportional supervision. A supervisor should design trading reviews so resources and escalation intensity match the firm’s size, structure, product mix, office footprint, concentration of registrants, disciplinary history, and current red flags. In this scenario, listed options, new locations, repeated trade corrections, and a branch with prior issues all justify more targeted surveillance or more frequent manual review in those areas. A uniform set of thresholds and review cycles may seem efficient, but it ignores differing risk levels and can under-monitor higher-risk desks while over-monitoring lower-risk areas. Reassessing coverage when products, headcount, or locations change is exactly how a risk-based system remains effective.
A risk-based system adjusts review intensity and thresholds to differing business risks instead of applying identical controls everywhere.
Topic: Element 5 — Account Activity Supervision
A branch manager reviews a retail-account exception report for a 72-year-old retired client.
What is the best next supervisory step?
Best answer: D
What this tests: Element 5 — Account Activity Supervision
Explanation: This account shows several linked red flags at once: unsuitable concentration, frequent solicited trading, high commissions, and a possible conflict of interest. A supervisor should act immediately with a targeted review and escalation, not defer action or rely on routine disclosures.
The core concept is that clustered retail-account red flags trigger an immediate, focused supervisory review. Here, the client’s stated objective and risk tolerance do not fit an 80% position in a speculative issuer, and 16 solicited trades with unusually high commissions raise excessive-trading concerns. The Approved Person’s family relationship with the issuer adds a conflict that can affect the integrity of the recommendations.
A proper next step is to promptly review the KYC, account notes, trade pattern, concentration, commission activity, and conflict disclosure handling; obtain the Approved Person’s rationale and evidence of client instructions; document the review; and escalate internally before allowing further solicited trading. The key point is that the exception already provides enough concern to require immediate intervention, not routine follow-up later.
Multiple red flags require prompt supervisory review of suitability, concentration, excessive trading, and the conflict before more recommendations are made.
Topic: Element 4 — Account Approval Supervision
A branch manager reviews this approval file for a retail client requesting one account with fee-based pricing, margin, and discretionary management. The dealer permits this combination if all approvals are met, and the proposed adviser is an Approved Person at the branch.
Which missing item is the decisive deficiency?
Best answer: A
What this tests: Element 4 — Account Approval Supervision
Explanation: The file already contains the main fee-based, margin, and managed-account documents, so the remaining approval gap is the discretionary feature itself. A supervisor cannot approve discretionary trading unless it is routed through the firm’s authorized managed-account process and discretion will be exercised by someone approved for that authority.
The decisive issue is discretionary authority. When a client requests fee-based pricing, margin, and discretionary management together, the supervisor must confirm that each feature independently meets its approval requirements. Here, the file shows current KYC, the fee schedule, the margin agreement, the managed-account agreement, and documented leverage-risk discussion. What is still missing is evidence that the discretionary feature was escalated through the dealer’s managed-account approval channel and that the person exercising discretion is authorized to do so. Without that control, the discretionary component cannot be approved, so the package is deficient as submitted. A stronger fee comparison, a tighter internal margin setting, or an early follow-up review may be sensible controls, but they do not replace the required discretionary approval.
Discretionary trading cannot be approved unless it goes through the firm’s authorized managed-account approval process and discretion is exercised by an authorized person.
Topic: Element 1 — General Regulatory Framework
During a routine audit of a registered location, compliance reviews the following note. Based on the exhibit, which supervisory action is most appropriate?
Exhibit: Location-audit note
The branch manager approves local marketing vendors and signs the branch expense report.
One approved vendor, North Shore Media, is 100% owned by the branch manager’s spouse.
The relationship was omitted from the branch manager’s annual conflict attestation.
Sampled invoices were within budget and properly coded.
No regional manager review of branch expenses is documented for the last two quarters because the position was vacant.
A. Update the attestation at year-end and keep current approvals in place.
B. Treat it as an accounting matter because no coding issue was found.
C. Leave the process unchanged because sampled invoices were within budget.
D. Escalate the conflict, remove the branch manager from approving that vendor, and require independent review.
Best answer: D
What this tests: Element 1 — General Regulatory Framework
Explanation: Sound corporate governance depends on ethical conduct, transparent conflict disclosure, effective oversight, and accountability when controls fail. Here, the branch manager approved a spouse-owned vendor, did not disclose the relationship, and operated without documented second-level review, so immediate escalation and independent reassignment are required.
This exhibit points to a governance failure, not just an expense-processing issue. A supervisor with approval authority has an undisclosed personal conflict involving a spouse-owned vendor. That undermines ethics and transparency. The absence of documented regional review for two quarters also weakens oversight, so accountability cannot remain with the conflicted individual.
A sound supervisory response is to:
Invoices being within budget and properly coded does not cure the governance weakness. The key issue is whether decisions were made transparently and subject to independent oversight.
The exhibit shows an undisclosed spouse-related conflict and missing independent review, so sound governance requires prompt escalation and reassignment of conflicted approval authority.
Topic: Element 4 — Account Approval Supervision
A branch manager is reviewing a new fee-based account approval package for a retired client who is transferring in $300,000 of ETF and blue-chip holdings. The Approved Person expects about three trades per year and notes that the client wants occasional planning meetings and “predictable fees.” The package contains KYC, relationship disclosure, and a signed 1.50% annual fee schedule. The firm’s compensation grid pays the Approved Person more on fee-based assets than on commission business. Which missing review is the decisive deficiency before approval?
Best answer: D
What this tests: Element 4 — Account Approval Supervision
Explanation: A signed fee schedule alone is not enough for a fee-based account approval. Here, the client is expected to trade infrequently and the Approved Person is paid more on fee-based assets, so the supervisor needs a documented review showing the account’s costs and services are appropriate and the compensation conflict has been addressed.
For a fee-based account, the supervisor must assess whether the account type itself is appropriate, not just whether the disclosure form was signed. That review should connect the client’s expected activity and service needs to the proposed fee arrangement, compare relevant costs with realistic alternatives such as commission pricing, and consider whether a higher payout to the Approved Person creates a conflict that must be managed in the client’s interest. In this file, the client is expected to trade only a few times a year, so “predictable fees” by itself does not justify the ongoing annual charge. Before approval, the supervisor should require a documented cost-and-service analysis and conflict review. Administrative enhancements in the file do not cure that core approval gap.
Fee-based approval requires evidence that expected services and total costs justify the account and that the higher payout conflict has been addressed.
Topic: Element 4 — Account Approval Supervision
A branch manager at an Investment Dealer reviews a new corporate derivatives account for Prairie Biofuels Ltd. The Approved Person has requested institutional-client treatment and qualifying-hedger status because the company says it wants to hedge commodity costs. The file contains basic incorporation documents and a CFO email, but it does not clearly show the firm’s exposure, authority to use derivatives, or enough information to complete the appropriateness assessment. Firm policy states that special status must be documented before approval; otherwise standard appropriateness review applies. What is the best next step?
Best answer: B
What this tests: Element 4 — Account Approval Supervision
Explanation: When the basis for institutional treatment, qualifying-hedger status, or account appropriateness is unclear, a supervisor should not approve first and verify later. The proper response is to pause the approval, obtain and document the missing support, and use the standard appropriateness framework unless the special status is clearly established.
The key supervisory principle is to resolve uncertainty before granting a status that changes the approval standard. If a corporate account requests institutional-client treatment or qualifying-hedger status, the supervisor needs a documented basis for that classification, plus enough information to assess authority to trade and overall account appropriateness. Here, important facts are missing, so the supervisor should defer approval, obtain and verify the supporting evidence, and then either confirm the special status or complete the regular appropriateness review under normal standards. If the uncertainty remains after reasonable follow-up, the file should be escalated under firm procedures. Approving first and fixing the record later is not acceptable, and rejecting the account immediately is premature when the issue is incomplete support rather than proven ineligibility.
Approval should wait until the basis for special status and the account’s appropriateness are documented, with standard review used unless special status is confirmed.
Topic: Element 4 — Account Approval Supervision
A supervisor reviews this approval package for a new corporate derivatives account:
The branch manager plans to skip the standard appropriateness review because the CFO is sophisticated. Which required supervisory control is missing or deficient?
Best answer: A
What this tests: Element 4 — Account Approval Supervision
Explanation: The key deficiency is the lack of evidence supporting institutional treatment and qualifying hedger status. A supervisor cannot bypass appropriateness just because a corporate contact appears sophisticated; the claimed status must be verified first, or the account should go through the standard appropriateness process.
When an approval package relies on institutional treatment or qualifying hedger status, the supervisor needs objective support for those designations. Here, the file contains sales notes and a stated hedging intention, but it does not show that the corporation actually qualifies for the requested treatment or has documented underlying exposure consistent with hedging. Because those classifications can affect the approval path and whether a standard appropriateness review is performed, the supervisor should not approve on the basis of the CFO’s sophistication alone. The proper response is to obtain and document supporting evidence before approval; if the status remains uncertain, the account should be reviewed under the standard appropriateness framework. Better notes, forecasts, or follow-up plans may improve the file, but they do not cure the core approval defect.
Institutional and qualifying hedger treatment must be supported by evidence, not assumed from a sophisticated contact or sales notes.
Topic: Element 4 — Account Approval Supervision
A branch manager is reviewing a new account for a pension fund. The client will not sign the dealer’s standard trading agreement, and firm policy permits a Letter of Undertaking for institutional clients only. Which description best matches that Letter of Undertaking?
Best answer: B
What this tests: Element 4 — Account Approval Supervision
Explanation: A Letter of Undertaking is an institutional-client alternative to the dealer’s standard trading agreement. It should show that an authorized institutional representative agrees the account will still be subject to the dealer’s trading terms and conditions.
The core concept is substitution, not exemption. A Letter of Undertaking is used when an institutional client will not execute the dealer’s standard trading agreement but can provide an equivalent written commitment. The letter should be signed by someone authorized to bind the institution and should make clear that the account and its trading activity will be governed by the dealer’s trading terms.
From a supervisory perspective, the reviewer should confirm the client qualifies as institutional, the signatory has authority, and the letter clearly applies to the relevant account. It is not a general disclosure document, not a grant of discretionary authority, and not an internal supervisory approval record.
A Letter of Undertaking lets an institutional client avoid signing the standard trading agreement while still agreeing to be bound by its terms.
Topic: Element 1 — General Regulatory Framework
A branch manager at an Investment Dealer receives an email from a client saying her representative bought a leveraged ETF without speaking to her, changed her risk tolerance to “high,” and submitted a margin agreement with a signature she says is not hers. The client asks the firm to reverse the losses. The representative asks the branch manager to wait for his explanation. What is the primary supervisory red flag?
Best answer: A
What this tests: Element 1 — General Regulatory Framework
Explanation: The email is more than a service issue. It alleges unauthorized trading, possible falsified documents, and client loss, so it must be escalated promptly through the firm’s complaint process for formal investigation and reportability assessment.
Supervisors should first determine whether a client communication is a complaint that must enter the firm’s complaint-handling process. Here, the client alleges unauthorized trading, an altered risk profile, a signature that may be false, and asks the firm to reverse losses. Those facts require immediate escalation to the firm’s complaints or compliance function for intake, evidence preservation, internal investigation, and any required reportability assessment. The branch manager should not wait for the Approved Person’s explanation or treat the matter as a routine trading dispute. Suitability of the leveraged ETF, the risk-tolerance change, and the margin form may all need review, but those are follow-on supervisory issues after the complaint is formally escalated.
The client alleges misconduct, possible document falsification, and loss, so the matter must enter the firm’s complaint process immediately for investigation and reportability assessment.
Topic: Element 4 — Account Approval Supervision
An Investment Dealer is revising relationship disclosure for an existing discretionary managed-account program that uses a rules-based ETF allocation model. The document already explains the firm’s wealth management process. The supervisor must choose one communication control for performance discussions with new clients:
Which supervisory decision is most appropriate?
Best answer: C
What this tests: Element 4 — Account Approval Supervision
Explanation: Approach 2 is the better supervisory choice because it uses a relevant benchmark and gives written disclosure about the main factors that make client results differ from program results. In managed-account disclosure, accuracy and comparability matter more than simplicity or verbal explanations.
For managed accounts, the supervisor should focus on whether the relationship disclosure fairly explains the offering and how performance should be interpreted. A systematic investment approach can be benchmarked, but the benchmark should be relevant to the mandate’s asset mix and risk profile. A broad equity index may be easy to understand, yet it can be misleading if the program is not primarily a Canadian equity mandate.
Written disclosure should also explain that realized client returns are affected by fees and may differ further because turnover creates costs and tax consequences vary by client. Relying on verbal explanations is weaker than building those points into the disclosure itself. The best supervisory choice is the approach that combines an appropriate benchmark with clear written disclosure of return-impact factors.
It aligns the benchmark with the actual managed strategy and gives written disclosure about fees, turnover, and taxes affecting client returns.
Topic: Element 1 — General Regulatory Framework
A carrying Investment Dealer that is a CIPF member has weak reconciliation and escalation controls. After a cyberattack, it cannot fully account for some client cash and securities and later becomes insolvent. Clients ask which organization would be most directly involved in assessing protection for eligible property shortfalls. Which organization is most directly connected to that consequence?
Best answer: B
What this tests: Element 1 — General Regulatory Framework
Explanation: Because the scenario ends with insolvency and possible missing client property, the most direct downstream body is CIPF. CIPF is connected to protection of eligible cash and securities at a failed member Investment Dealer, unlike the conduct, AML, or complaint bodies listed in the other options.
The core concept is role recognition after a dealer failure. When a CIPF-member carrying Investment Dealer becomes insolvent and there may be a shortfall in client cash or securities, the organization most directly connected to protection of eligible client property is CIPF. Weak reconciliations and delayed escalation are important supervisory failures because they can worsen or hide a shortfall, but the client-protection consequence is still a CIPF matter. CIRO oversees dealer compliance and supervision, FINTRAC focuses on anti-money-laundering reporting, and OBSI handles unresolved client complaints. The controlling clue is insolvency combined with potentially missing client property.
CIPF is the body tied to protection of eligible client property shortfalls when a member Investment Dealer becomes insolvent.
Topic: Element 7 — Trading and Market Rules Supervision
An investment dealer uses automated post-trade surveillance to flag possible UMIR issues. Daily first-level alert review is delegated to trading desk supervisors, while head office Compliance performs oversight. The firm is revising its written trading supervisory system after finding repeated delays in escalation. Which statement is INCORRECT?
Best answer: D
What this tests: Element 7 — Trading and Market Rules Supervision
Explanation: The inaccurate statement is the one claiming delegation eliminates ongoing oversight. A dealer may delegate trading-review tasks, but it must still document the system, train reviewers, monitor review quality, handle violations properly, and report material issues through appropriate governance channels.
The core concept is that a dealer’s trading supervisory system remains the dealer’s responsibility even when specific review tasks are delegated. In this scenario, desk supervisors can perform first-level alert review, but head office Compliance must still maintain effective oversight of that process. A sound system includes written procedures, evidence of reviews and escalations, training for reviewers, follow-up on potential violations, and governance reporting for material breaches or control weaknesses.
Delegation is operational, not a transfer of accountability. If repeated escalation delays have already been identified, the firm should strengthen monitoring and remediation, not step back from oversight. The closest distractors describe normal supervisory controls that support an effective CIRO-compliant trading supervision framework.
Delegation can assign review tasks, but the dealer must still supervise delegates and remain accountable for the effectiveness of trading supervision.
Topic: Element 2 — Supervisory Structure
A branch manager discovers that, to clear a backlog, an unregistered branch administrator has been signing off on new margin-account applications for two days. The firm’s procedures require these accounts to be approved by an authorized supervisor before use. The administrator has no supervisory proficiency or approval authority, and there is no documented secondary review. No trades have yet occurred in the affected accounts. What is the best next step?
Best answer: A
What this tests: Element 2 — Supervisory Structure
Explanation: This is an invalid delegation of a supervisory approval, not a minor paperwork gap. The proper response is to stop the practice immediately, have an authorized qualified supervisor review each affected account before any trading, and document and escalate the control failure.
Delegation in supervision is limited by authority, proficiency, and the quality of the review process. A new margin-account approval is a supervisory decision, not an administrative task. In this scenario, the person signing off lacks both approval authority and supervisory proficiency, and there is no evidence that an authorized supervisor later reviewed the files. Because no trading has occurred yet, the correct workflow is to stop account use, have a qualified supervisor perform an individual review of each affected file, and document/escalate the breakdown so the control weakness is remediated. A later blanket sign-off, sample review, or representative confirmation does not cure the fact that each account missed proper supervisory approval before use.
The sign-off was a supervisory approval that could not be delegated to an unqualified administrator, so each account needs proper review before use.
Topic: Element 7 — Trading and Market Rules Supervision
During a monthly trade-exception review, a branch manager assembles the following file for an Approved Person.
Exhibit: File extract
Which additional supervisory action is required to make this file adequate?
Best answer: C
What this tests: Element 7 — Trading and Market Rules Supervision
Explanation: The decisive issue is suspected misuse of client-order information, not execution quality. Once the audit trail shows personal trading ahead of client orders, the supervisor must escalate for formal compliance review instead of closing the file with coaching.
Supervisors reviewing order activity must focus first on possible market misconduct. Here, the file already shows the critical sequence: client market orders were received, the Approved Person then entered a personal market order in the same security, and only afterward were the client orders entered and filled at higher prices. That creates a clear potential frontrunning concern and requires prompt escalation and documented investigation by compliance.
The saved OMS audit trail and personal-account report support that escalation. The venue comparison already addresses best execution, so the main deficiency is not execution analysis. A written explanation or later training may be useful additions, but they do not replace the supervisor’s duty to escalate suspected trading ahead of client orders.
The timestamps show the Approved Person traded after receiving client orders but before handling them, so coaching alone is inadequate and the matter must be escalated.
Topic: Element 1 — General Regulatory Framework
Which pairing of marketplace type and description is correct under the Canadian regulatory framework?
Best answer: C
What this tests: Element 1 — General Regulatory Framework
Explanation: An exchange is a marketplace that can carry out exchange-style functions, including listing or issuer requirements and rules tied to trading on its market. An alternative trading system does not take on those listing functions, and the other two options overstate exclusions or use overly broad definitions.
The key distinction is functional. In Canada, an exchange is a marketplace that can perform exchange-style roles, such as imposing listing or issuer requirements and setting rules governing trading on its facilities. An alternative trading system can bring together orders, but it does not operate with those exchange-style listing functions. A crypto-asset trading platform is not automatically outside securities regulation just because trading is described as spot trading; its regulatory treatment depends on the platform’s structure and the client arrangement. A foreign organized regulated market is a foreign market that is organized and regulated in its home jurisdiction, not simply any foreign website that accepts orders. For supervision, classify the venue by what it does and how it is regulated, not by marketing labels.
An exchange is distinguished by its ability to perform exchange-style functions, including listing or issuer requirements and trading rules.
Topic: Element 9 — Dealer Activity and Location Risks
Head office is comparing two registered locations.
If the firm adds only one enhanced control for opening Location B, which measure best fits the decisive risk difference between the two locations?
Best answer: A
What this tests: Element 9 — Dealer Activity and Location Risks
Explanation: Location B has a materially higher internal and reputational risk profile because supervision would depend heavily on one producer in a concentrated community with recent suitability complaints. The best response is an independent, more intensive review structure that tests actual account activity and complaints.
Supervisory controls for registered locations should match the location’s real risk drivers. Location A has on-site management, multiple staff, and no complaint pattern, so ordinary controls may be adequate. Location B is different: one high-producing Approved Person creates key-person and principal-agent risk, there is no resident supervisor, most clients share the same local employment exposure, and there is recent suitability-related discipline. Those facts increase both misconduct risk and reputational harm if a problematic sales pattern develops in that community.
The strongest single added control is independent heightened supervision of accounts, trades, and complaints. It adds oversight where the location lacks it and gives the firm a way to detect unsuitable concentration, repeat behaviour, or emerging complaint trends early. Measures aimed only at reminders, self-attestation, or communications do not provide the same control strength.
Independent heightened review best addresses key-person reliance, limited local resources, complaint history, and a concentrated community client base.
Topic: Element 3 — Business and Operations Supervision
An Investment Dealer plans to add a securities-backed lending service for retail clients through Approved Persons at 18 registered locations, some with part-time supervisors. Head office has received a detailed due diligence package from the third-party lender. Which proposed supervisory step is NOT appropriate before launch and in ongoing review?
Best answer: B
What this tests: Element 3 — Business and Operations Supervision
Explanation: A dealer cannot outsource due diligence for a new service to a third party. It must assess whether the service fits its client base, business model, and supervision structure across locations, and it must continue monitoring the risk after launch.
Adequate product or service due diligence requires more than reviewing a vendor’s package. The dealer must independently determine whether the offering is suitable for its own business model, client base, and supervisory structure, especially when it will be distributed through multiple registered locations with uneven resources. For a leveraged service such as securities-backed lending, that includes assessing training needs, escalation paths, location-level supervisory capacity, conflicts from compensation, and operational controls.
Ongoing risk assessment also matters after approval. The firm should monitor concentrations, exception reports, complaints, client outcomes, and any material changes to the target market, compensation model, vendor terms, or distribution approach. Third-party due diligence can inform the review, but it cannot replace the dealer’s own analysis and accountability.
The key takeaway is that approval is not a one-time vendor check; it is a firm-specific and continuing supervisory process.
Third-party materials may support review, but the dealer must perform its own due diligence on client fit, operational readiness, and supervisory capacity.
Topic: Element 2 — Supervisory Structure
Branch supervisors at several registered locations identify repeated missing suitability rationale in files for a newly approved structured note and escalate the issue immediately. The compliance department confirms a control weakness in a written report and recommends enhanced review plus a temporary sales restriction. Executives delay the changes for six weeks to avoid disrupting quarter-end targets. Directors are scheduled to receive only a summary at the next board meeting. Client complaints increase during the delay. What is the most likely supervisory consequence?
Best answer: B
What this tests: Element 2 — Supervisory Structure
Explanation: The key consequence is executive accountability for delaying remediation after a known control weakness was formally identified. Supervisors met their escalation duty and compliance met its monitoring role, but neither step replaces management’s obligation to implement controls promptly.
In a CIRO supervisory framework, the roles are distinct. Supervisors handle day-to-day review and must detect and escalate issues. Compliance independently monitors, tests, and recommends remediation, but it does not become the business-line owner of the problem just by reporting it. Executives are responsible for ensuring the firm has effective controls, adequate resources, and timely corrective action when a weakness is identified. Directors oversee the overall supervisory framework and senior management’s performance, not routine account-by-account reviews.
Here, the supervisors escalated promptly and compliance documented the weakness. The extra complaints arose because executives chose to delay the remediation for business reasons. That makes executive-level accountability the most likely supervisory consequence.
Executives are responsible for ensuring timely remediation of identified supervisory weaknesses, so delaying corrective action creates likely accountability at that level.
Topic: Element 5 — Account Activity Supervision
A dealer’s procedures permit retail CFD trading only after the account is specifically approved for CFDs and the client has signed the firm’s CFD risk disclosure acknowledgement. In a daily exception report, a branch supervisor sees that four retail clients entered CFD trades the day before, but neither requirement is on file. The supervisor waits two business days for the Approved Person to respond before escalating. What is the most likely supervisory consequence?
Best answer: B
What this tests: Element 5 — Account Activity Supervision
Explanation: Retail CFD trading is not a routine paperwork follow-up. If retail clients trade CFDs before the required approval and CFD risk disclosure are on file, the issue becomes deficient supervision of a restricted derivative activity, requiring prompt escalation and review of the affected trades.
The core concept is pre-trade control over restricted retail derivative activity. For retail CFD accounts, the dealer must complete its product-specific approval and disclosure steps before any CFD trading occurs. Here, the exception report shows the opposite: the clients traded first, required documentation was missing, and the supervisor delayed escalation. That creates a supervisory deficiency and increases the risk of further unauthorized activity, client harm, and regulatory criticism of the branch’s review process.
The closest trap is treating this as a simple paperwork defect, but post-trade signatures do not erase the original control failure.
Retail CFD trading requires product-specific approval and disclosure before trading, so delayed escalation creates a supervision breach and potential remediation exposure.
Topic: Element 9 — Dealer Activity and Location Risks
An Investment Dealer’s registered location mainly serves clients in one linguistic community and has had three similar complaints in four months about unsuitable use of leverage. Supervisors know local staff used an unapproved translated handout, but the location received only standard annual training and its audit used a generic checklist with no extra testing or follow-up. If this gap is not corrected, what is the most likely consequence?
Best answer: A
What this tests: Element 9 — Dealer Activity and Location Risks
Explanation: The location has clear local risk indicators: repeated similar complaints, leverage concerns, and unapproved translated communications. If supervisors still rely on generic training and a standard audit approach, the most likely result is ongoing misconduct risk and a finding that supervision was not properly tailored to that location.
Business-location supervision should be risk-based, not purely calendar-based or identical across all registered locations. When a location shows specific warning signs such as repeated similar complaints, a concentrated client base, or unauthorized communications, the dealer should increase audit depth, tailor training, and document follow-up aimed at that location’s actual risks. In this scenario, supervisors already know about a complaint trend and the use of an unapproved translated handout, yet they kept only standard annual training and a generic audit checklist. That makes it more likely the same conduct will continue and makes it harder for the dealer to demonstrate reasonable supervision. A regulatory exam or quantified client loss is not required before the supervision gap becomes a real supervisory risk.
Known complaint patterns and unapproved translated material require targeted coverage; without it, repeat issues may continue and the firm’s supervision may be found inadequate.
Topic: Element 8 — Communications and Research Supervision
A branch manager is updating controls for an Approved Person who uses email, LinkedIn, and seminar materials to promote the dealer’s services. Which practice is NOT acceptable under a CIRO-compliant supervisory program?
Best answer: C
What this tests: Element 8 — Communications and Research Supervision
Explanation: Business-related communications must occur on channels the dealer can capture, retain, and supervise. Allowing client chats on a personal app with auto-delete features is not acceptable, even if the Approved Person later summarizes the conversation in the CRM.
The core concept is that communications relating to the dealer’s business must be subject to effective supervision, including record retention and review. Promotional materials such as seminar handouts are commonly subject to pre-use approval, and routine client correspondence may be supervised through post-use review on a risk-based basis if the firm’s procedures support that approach. Records of social media approvals and reviews are also part of a sound supervisory trail.
An auto-deleting personal messaging app is different because the original communication cannot be reliably captured or reviewed by the dealer. Recreating the content afterward in the CRM does not preserve the actual message, timing, or context. The key supervisory test is whether the communication channel is approved, retained, and reviewable.
Business communications must be retained and supervised on approved channels, and later CRM notes do not cure an off-channel, auto-deleting message stream.
Topic: Element 6 — Approved Persons Supervision
A branch manager is reviewing two files before approval:
Which supervisory action best aligns with CIRO expectations?
Best answer: D
What this tests: Element 6 — Approved Persons Supervision
Explanation: The supervisor should stop both files until the deficiencies are resolved. Retail suitability must be assessed against the client’s KYC, and institutional-client treatment requires documented grounds for the client’s independent risk assessment and the dealer’s reliance decision.
Supervisory suitability review is client-specific. For the retail file, the recommendation appears inconsistent with the client’s low risk tolerance and short time horizon, so approval should be withheld until the Approved Person re-assesses and documents why the recommendation is suitable. For the institutional file, the supervisor should not assume that an institutional label automatically removes suitability responsibilities. The file should show the basis for believing the client can independently assess investment risk and how the dealer will rely on the client before treating the account differently for suitability purposes. This is a gatekeeping and recordkeeping function that cannot be cured by acknowledgements or by general product approval. The closest distractor confuses product due diligence with client-level suitability review.
Supervisors must stop approval when retail suitability appears inconsistent with KYC and when institutional-client treatment lacks documented support for independent risk assessment and reliance.
Topic: Element 4 — Account Approval Supervision
A retail client is opening a fee-based managed account at an Investment Dealer. The supervisory file shows:
The branch manager is not one of the dealer’s designated managed-account approvers, and the file shows no further escalation. Which deficiency is the most important to correct before the account is opened?
Best answer: A
What this tests: Element 4 — Account Approval Supervision
Explanation: The key deficiency is the missing specialized approval for a managed account. Because the account grants discretionary authority, approval must come from the dealer’s designated managed-account Supervisor or authorized committee, not simply from a branch manager who lacks that designation.
Managed accounts require a higher level of account-opening control than a standard retail account because the client is granting discretionary authority and entering a specialized service arrangement. In this scenario, the core documents are already in the file, but the recorded approval is defective because it was given by a branch manager who is expressly not a designated managed-account approver.
The file should be escalated to the dealer’s authorized managed-account Supervisor or approval committee, and that approval should be documented before the account is opened. That is the decisive control missing from the workflow. Better cost-comparison notes, benchmark materials, or communication records may improve the file, but they do not cure an approval completed by someone without the required authority.
Managed accounts require approval by the firm’s designated approver or authorized committee, so ordinary branch-manager sign-off is insufficient here.
Topic: Element 4 — Account Approval Supervision
An Approved Person asks you, the branch supervisor, to approve a new corporate cash account immediately because the client wants to buy securities before market close. The new account form is complete, but the file is missing the certificate of incorporation and signing-authority resolution. Your firm’s policy states that entity accounts cannot be approved or traded until required supporting records are received and reviewed. What is the best next step?
Best answer: D
What this tests: Element 4 — Account Approval Supervision
Explanation: The supervisor should not let urgency override core account-opening controls. When required supporting records for an entity account are missing, the proper step is to stop the approval, obtain and review the documents, and only then approve or permit trading.
The core account-opening control here is completeness of the supporting records needed to confirm the client’s legal existence and who is authorized to act for the account. Because the firm’s policy explicitly says an entity account cannot be approved or traded until those records are received and reviewed, the supervisor’s workflow is straightforward: pause the approval, obtain the missing certificate of incorporation and signing-authority resolution, review them against the account information and the person giving instructions, and document the follow-up. Client urgency and an Approved Person’s assurance do not replace documentary review. The key point is that this safeguard is pre-approval and pre-trade, not something to fix after activity has already occurred.
Required entity-supporting records must be reviewed before approval or trading, so urgency does not justify a conditional or retrospective approval.
Topic: Element 9 — Dealer Activity and Location Risks
An Investment Dealer’s registered location in a remote community serves mostly clients who prefer one non-English language. The branch manager generates 85% of the location’s revenue, is the only registered person fluent in that language, and is allowed to translate account-opening discussions and summarize client complaints for head office. Three complaints were reported only after family members contacted head office directly. The products sold were already firm-approved. What is the primary supervisory red flag?
Best answer: D
What this tests: Element 9 — Dealer Activity and Location Risks
Explanation: The main issue is not the remote office or the approved products. It is that head office depends on the branch manager—the same person earning the revenue—to interpret client interactions and effectively gatekeep complaints, which weakens independent supervision.
The core supervisory concept is loss of independent oversight at a higher-risk location. Here, the branch manager is not just producing revenue; he is also the only language bridge between clients and head office, and he is summarizing complaints before compliance reviews them. That creates both key-person reliance and a principal-agent problem, because the firm is depending on the individual whose conduct may be at issue to define what happened.
In a remote, community-specific location, that weakness is more serious because clients may be less likely to bypass the local representative, and delayed complaint reporting can increase both internal and reputational risk. A prudent supervisor would require independent complaint intake, direct client verification where needed, and enhanced review of activity from that location. Revenue concentration and community concentration matter, but they are secondary to the complaint-handling control failure.
Using the same revenue-producing individual to control client communications and complaint escalation creates a key-person and principal-agent oversight failure.
Topic: Element 3 — Business and Operations Supervision
A dealer operates a remote registered location. The branch manager is the only on-site supervisor and also the location’s largest revenue producer. Approved Persons are instructed to send complaints, exception-report questions, and conduct concerns to the branch manager first and not contact head office compliance directly unless the branch manager approves. What is the primary supervisory red flag?
Best answer: B
What this tests: Element 3 — Business and Operations Supervision
Explanation: The main weakness is the escalation structure, not the branch’s distance from head office. When the only on-site supervisor has production incentives and controls whether compliance is told about complaints or conduct issues, objective and timely escalation is at risk.
This scenario highlights a structural escalation risk. Effective supervision requires a clear route for material issues to reach an independent compliance or higher supervisory function without needing permission from the person whose revenue, status, or branch results could be affected. Here, the branch manager is both the only on-site supervisor and the top producer, and staff are told not to contact compliance directly. That can discourage reporting and allow complaints, exception items, or conduct concerns to be minimized, delayed, or stopped. Remote-location challenges such as training consistency, audit frequency, or workload can matter, but they are secondary because the most serious weakness is that concerns may never be escalated to an independent reviewer.
The only escalation path runs through a revenue-interested branch manager, so material issues may never reach independent compliance.
Topic: Element 3 — Business and Operations Supervision
A branch manager’s month-end exception report shows that one Approved Person sharply increased listed-option activity in several advisor-assisted accounts held by moderate-risk, income-oriented clients. The firm’s compensation grid pays that representative a higher payout rate on listed-option commissions than on cash-equity or ETF trades. Recent KYC reviews showed no change in the clients’ objectives or risk tolerance, but most files contain only generic notes such as “income” or “hedging” and no client-specific rationale for the derivatives strategy. There are no complaints and margin is within limits. Which supervisory response best addresses the primary control weakness?
Best answer: D
What this tests: Element 3 — Business and Operations Supervision
Explanation: The core issue is a compensation incentive tied to derivatives activity without client-specific supporting notes. The best supervisory response is targeted, independent trade-level review of the representative’s derivatives recommendations and documentation, rather than a broader or reactive step.
This scenario points to a compensation-related control weakness: a representative is receiving higher payout incentives on listed options, while the files lack specific suitability rationale for the derivatives strategies used. In that situation, the supervisor’s first priority is heightened supervision focused on the affected representative and activity, not a general branch measure or a wait-and-see approach.
Targeted independent review should test whether the recommendations were genuinely suitable for each client, consistent with current KYC, and appropriately documented despite the higher compensation incentive. The absence of complaints and the fact that margin is within limits do not remove the conflict or suitability concern. A KYC refresh or broader audit may be useful later, but they do not directly address the immediate risk that compensation may be influencing recommendations without adequate support.
The key takeaway is to tighten controls where the incentive and the activity intersect.
The higher payout creates a conflict risk, so the most direct control is heightened independent review of that representative’s derivatives activity and documentation.
Topic: Element 6 — Approved Persons Supervision
A branch manager at a small registered location receives a same-day request to approve a new margin account for a 74-year-old retiree who has just transferred $420,000 to the firm. The Approved Person notes that the client wants dividend income and that the client’s adult son joined a 15-minute video call, but the son is not authorized on the account. The file contains signed relationship disclosure and a margin agreement, yet the notes only say “reviewed risks” and do not show that the client was told margin interest can increase losses or that securities may be sold without prior notice if the account becomes under-margined. The Approved Person asks for approval before market close so the client can buy bank stocks “on 50% margin today.” What is the best supervisory response?
Best answer: C
What this tests: Element 6 — Approved Persons Supervision
Explanation: Adequate client education is not proven by signatures alone. Here, the margin file lacks evidence that the client understood core risks and account features, and the unauthorized son’s involvement increases the need for direct confirmation and clear documentation before margin is approved.
The core concept is that adequate client education must be demonstrated, not assumed. For a margin account, the file should support that the client was informed of how margin works, the main risks, and important consequences such as interest costs and forced liquidation if the account becomes under-margined. In this scenario, the notes are too generic, the client is older and income-focused, an unauthorized family member participated in the discussion, and the Approved Person is pushing for same-day approval. Those facts require the supervisor to stop the margin approval process, ensure the client’s own understanding is confirmed directly, document the discussion properly, and resolve the son’s role before margin trading is permitted. Later follow-up or extra monitoring may help, but they do not replace complete pre-approval education and documentation.
Signed forms and vague notes do not show the client understood key margin features and risks, so margin approval should wait until understanding is confirmed and documented.
Topic: Element 8 — Communications and Research Supervision
An Approved Person sends a branch supervisor a draft email promoting a new income note and says it is “just client correspondence” that can go out today. The draft summarizes product features and invites recipients to call for details, but the supervisor does not yet know exactly who will receive it or how it will be used. What should the supervisor verify first?
Best answer: C
What this tests: Element 8 — Communications and Research Supervision
Explanation: The first supervisory issue is how the communication will actually be used. A message sent in substantially the same form to multiple recipients may need to be treated as sales literature or an advertisement, while a truly individualized message is supervised differently.
For communications supervision, classification comes before approval. The supervisor must first verify the audience and the form of use: who will receive the email, whether it will go to multiple clients or prospects, and whether the wording is substantially the same for each recipient. That information determines whether the item should be treated as ordinary correspondence or as sales literature/advertising requiring the firm’s appropriate pre-use review and controls.
Training history, issuer-supplied wording, and even likely suitability may matter later, but they do not answer the threshold supervisory question. A supervisor should not rely on the Approved Person’s label alone; the actual distribution and level of personalization drive the review obligation.
Classification depends first on who will receive the message and whether it is standardized, because that determines the dealer’s review and approval path.
Topic: Element 5 — Account Activity Supervision
A dealer plans to offer CFDs to retail clients on its online platform. The supervisor sets a system rule that keeps CFD permissions inactive until the client has received the CFD risk disclosure statement, acknowledged it, completed an appropriateness assessment, and obtained designated supervisory approval. Which supervisory function does this rule best serve?
Best answer: B
What this tests: Element 5 — Account Activity Supervision
Explanation: This control is a front-end access restriction. Its purpose is to stop a retail client from trading CFDs before the required risk disclosure, appropriateness review, and supervisory approval have all been completed and recorded.
The core concept is pre-trade retail access control for a restricted derivative product. A system lock that withholds CFD permissions until disclosure delivery, client acknowledgement, appropriateness assessment, and supervisor approval are all on file is designed to prevent trading from starting too early. That matches the retail-client protection function for CFD onboarding, not an after-the-fact monitoring task.
Because CFDs are complex and leveraged, the firm should ensure the retail client has been properly notified of the risks and that the account has been reviewed and approved before first use. Documenting those steps also gives the supervisor evidence that the firm followed its required process. A daily margin exception report may also be important, but that is an ongoing supervision control after trading has already been enabled.
The rule is a pre-activation gate that prevents retail CFD trading until required notification, appropriateness review, and supervisory approval are documented.
Topic: Element 5 — Account Activity Supervision
Which statement best reflects an appropriate use of a cross-supervision or hold-mail arrangement at an investment dealer?
Best answer: C
What this tests: Element 5 — Account Activity Supervision
Explanation: Cross supervision is used to deal with supervisory conflicts of interest. When a supervisor has a personal connection to an account, such as a spouse’s account, a qualified independent supervisor should perform the review; hold mail is only a limited administrative arrangement and never a substitute for supervision.
The core concept is the purpose of each arrangement. Cross supervision is used when the normal supervisor cannot provide objective oversight because of a conflict, such as supervising a spouse’s account or another closely connected account. In that case, the dealer should assign a qualified, independent supervisor to perform the required approvals and ongoing reviews and document that arrangement.
Hold mail is much narrower. It may be used for legitimate client convenience, but it does not change the firm’s supervisory duties, does not excuse review of unusual trading or other red flags, and should not be used to conceal account activity from someone else. A hold-mail request is about delivery of mail; cross supervision is about preserving independent supervisory judgment. That distinction makes the independent-review arrangement the only appropriate choice here.
Cross supervision is appropriate when the regular supervisor has a conflict, such as a personal relationship to the account.
Topic: Element 5 — Account Activity Supervision
A branch manager reviewing exception reports at a registered location finds that an Approved Person has entered discretionary trades in four fee-based client accounts over the past two weeks. The accounts are coded as advisory, not managed, the files contain no managed-account agreements or managed-account approvals, and one client has complained about an unauthorized trade. The representative says each client gave standing verbal instructions and asks to keep trading today because markets are volatile. What is the best supervisory action?
Best answer: D
What this tests: Element 5 — Account Activity Supervision
Explanation: Immediate containment is the priority because discretionary trading is occurring in accounts that were never approved as managed accounts. Verbal standing instructions do not cure missing managed-account authority, and the complaint requires prompt escalation, review, and client-focused remediation before discretion resumes.
The core concept is that discretionary trading must occur only within the firm’s properly approved managed-account framework. Here, the supervisor has several red flags at once: advisory-coded accounts, no managed-account agreements, no managed-account approvals, and an unauthorized-trade complaint. The best supervisory response is to contain the risk first and then investigate and remediate it.
Allowing trading to continue, even for liquidations, or relying on after-the-fact confirmations misses the immediate client-protection and control failure.
This response contains the unauthorized discretionary activity immediately and addresses past client harm before any discretionary authority is used again.
Topic: Element 7 — Trading and Market Rules Supervision
During a supervisor’s weekly market-rule review, an exception report flags trades in a grey-listed issuer. It appears the firm’s proprietary desk received fills ahead of two client orders entered through an electronic access gateway. The report also shows the gateway clock was 78 seconds out of sync, and firm policy says possible client-priority or restricted-trading issues with unreliable timestamps must be escalated immediately and contained until validated. What is the best next step?
Best answer: B
What this tests: Element 7 — Trading and Market Rules Supervision
Explanation: This is a gatekeeping issue, not a wait-and-see issue. A possible client-priority problem in a grey-listed security, combined with an unreliable audit trail from poor time synchronization, requires immediate evidence preservation, escalation, and an interim control on the affected order flow.
Regular review of marketplace-trading compliance is meant to detect and contain potential market-rule problems promptly. Here, the exception report points to possible improper trading in a grey-listed issuer and a possible client-priority concern, but the order sequence cannot be trusted until the gateway timestamps are validated. That means the supervisor should not dismiss the alert, rely on a trader’s verbal explanation, or treat the breach as already proven.
The key takeaway is that when the audit trail itself may be flawed, the supervisor’s first duty is containment and escalation before reaching a final conclusion.
Because the alert involves a grey-listed security, possible client-priority concerns, and unreliable timestamps, the supervisor should preserve evidence, escalate immediately, and contain further risk first.
Topic: Element 7 — Trading and Market Rules Supervision
During a routine exception review, a branch manager sees repeated end-of-day trades in two related client accounts that appear designed to influence the closing price of a thinly traded stock. Order notes are incomplete, and some client instructions were received through an unapproved messaging app. The manager waits nine days for the Approved Person to “rebuild the file” and tells staff to keep the issue within the branch. An assistant then submits an internal whistleblower report alleging possible market manipulation and suppressed escalation. What is the most likely supervisory consequence?
Best answer: A
What this tests: Element 7 — Trading and Market Rules Supervision
Explanation: Supervisors must act on credible market-abuse red flags before they have perfect proof. Here, the delayed escalation, incomplete notes, unapproved communications, and whistleblower allegation make a control and gatekeeping review the most likely consequence, along with assessment of whether further reporting is required.
In trading supervision, gatekeeping means escalating credible warning signs promptly so the firm can review the activity, preserve evidence, and decide whether further reporting is required. The branch manager had several red flags at once: related accounts, end-of-day trading in a thinly traded security, incomplete order notes, and unapproved client communications. Waiting nine days for the Approved Person to rebuild the file and telling staff to keep the issue in the branch turns a trading concern into a supervisory-control concern as well. Once an internal whistleblower report alleges suppressed escalation, compliance is likely to review both the trading itself and whether the branch failed to escalate appropriately. Later documentation, no apparent profit, or the absence of a regulatory finding does not remove the original gatekeeping duty.
The delay, weak records, and effort to contain the issue can themselves trigger a gatekeeping-control review once a whistleblower report is raised.
Topic: Element 4 — Account Approval Supervision
A dealer’s new-account system has an Institutional Client code that routes an account to the firm’s institutional supervision workflow. Under firm policy, the code is used only for entity accounts that are Canadian financial institutions, pension funds, governments or Crown entities, or other entities with net assets of at least $25 million. Which applicant matches that code?
Best answer: D
What this tests: Element 4 — Account Approval Supervision
Explanation: The institutional-client code is tied to the dealer’s listed entity categories, not simply to wealth or commercial hedging activity. A Canadian bank falls squarely within the financial-institution category, so it should be routed to the institutional supervision workflow.
The core issue is matching the client to the dealer’s stated institutional-client approval feature. Under the facts given, the code is available only for entity accounts that fit one of the listed institutional categories or meet the stated net-asset minimum. A Canadian bank clearly qualifies because it is a Canadian financial institution.
This also shows why supervisors must separate similar-looking categories:
The best match is the client that satisfies the stated institutional criteria exactly, not the client that is merely sophisticated or active.
A Canadian bank is a listed Canadian financial institution, so it fits the dealer’s institutional-client code.
Topic: Element 5 — Account Activity Supervision
A dealer’s written supervisory system says that once a client is properly documented as institutional, supervisors may use exception reports instead of retail-style trade-by-trade review. The reports flag trading or cash movements that are inconsistent with the client’s mandate and require escalation of suspicious activity. Which function does this control match?
Best answer: D
What this tests: Element 5 — Account Activity Supervision
Explanation: This control is for risk-based supervision of institutional accounts. Even when a client is designated institutional, the dealer must monitor exception reports for trading or money-movement patterns that do not fit the client’s known mandate and escalate suspicious activity.
The core concept is tailored supervision for institutional account activity. Once the firm has properly documented the client’s institutional status, supervisors may use exception-based monitoring rather than a retail-style review of every transaction. Those exception reports should focus on unusual trading, transfers, concentration changes, or other activity that is inconsistent with the client’s mandate or expected behaviour. Institutional status does not remove the need for oversight. If the activity looks suspicious, the supervisor must investigate and escalate it under the firm’s procedures. Controls for cross supervision, hold mail, and communication approval are separate safeguards with different purposes, so they do not match the function described in the stem.
The control described is an exception-based supervisory review for institutional trading and cash activity, with escalation when activity appears unusual or suspicious.
Topic: Element 8 — Communications and Research Supervision
A branch manager reviews two draft public communications: a LinkedIn profile calling an Approved Person a “Senior Retirement Specialist,” and a seminar invitation claiming a structured product offers “monthly income with less risk than GICs” without mentioning liquidity or loss risk. The firm wants one control design that most effectively stops this type of problem before clients see it. Which approach is best?
Best answer: C
What this tests: Element 8 — Communications and Research Supervision
Explanation: The strongest control is preventive, not detective. A pre-use review with clear criteria for titles, trade names, claims, and risk balance addresses both issues in the drafts before clients are exposed to misleading content.
Public-facing communications must not mislead clients by using inappropriate professional titles or trade names, overstating benefits, or presenting an unbalanced comparison that downplays material risks. In this scenario, the decisive supervisory factor is timeliness: the firm wants to stop the issue before publication.
A sound pre-use control should confirm that:
Attestations, complaint monitoring, and post-use sampling can support supervision, but they are secondary controls because they do not reliably prevent improper content from reaching clients. Limiting review to communications that name a product is also too narrow, since misleading branding and broad promotional claims can be problematic even without a product ticker or fund name. The key takeaway is that marketing-risk supervision works best when it screens content before release.
It is the only option that prevents publication by testing both title/trade-name use and whether promotional claims are fair, balanced, and supportable.
Topic: Element 8 — Communications and Research Supervision
The designated research supervisor at an Investment Dealer is reviewing a draft report on Prairie Copper Ltd. The draft already discloses that the firm makes a market in the issuer’s shares and received investment banking compensation from the issuer in the past 12 months. An internal comment says a May site visit was arranged by the issuer’s investor relations team, but the file does not show who paid the analyst’s travel or lodging. Before approving the report, what should the supervisor verify first?
Best answer: A
What this tests: Element 8 — Communications and Research Supervision
Explanation: The unresolved fact is who funded the analyst’s issuer-arranged site visit. Reimbursed issuer visits are a specific research-conflict issue, so the supervisor should confirm that fact from the file before approving distribution.
A designated research supervisor should first verify the concrete fact that could create or change a required conflict disclosure. Here, market making and past investment banking compensation are already disclosed, but the file is incomplete on the analyst’s site visit. If the issuer paid or reimbursed travel or accommodation, that is a specific conflict involving analyst conduct and research disclosure.
The practical first check is the supervisory evidence for payment source, such as:
Once that fact is confirmed, the supervisor can decide whether the draft disclosure is complete or whether escalation is needed. Sales briefings, training records, and speculation about future mandates do not resolve the immediate disclosure gap in the research file.
Issuer-paid travel for an analyst visit is a specific research conflict that must be confirmed before the report is approved.
Topic: Element 5 — Account Activity Supervision
A retail supervisor at a registered location receives an exception report showing that a new client and two linked household accounts are repeatedly trading the same thinly traded issuer within minutes of one another. The file has weak source-of-funds notes, and the Approved Person accepted several trade instructions through personal texts. The supervisor leaves the matter for month-end review because no client complaint has been made. What is the most likely downstream supervisory risk for the dealer?
Best answer: B
What this tests: Element 5 — Account Activity Supervision
Explanation: This client presents several high-risk indicators: linked-account trading, activity in a thinly traded issuer, weak source-of-funds documentation, and off-channel instructions. If the supervisor delays escalation, the most likely consequence is that potentially improper market activity may continue and the dealer may be cited for weak supervision.
The core concept is timely identification and escalation of high-risk clients during account activity review. A supervisor does not need a proven violation or a client complaint before acting. In this scenario, the combination of linked accounts, repeated trading in a thinly traded security, weak documentation, and personal-text instructions creates elevated risk both to the market and to the dealer.
A reasonable supervisory response would include:
Waiting for routine month-end review weakens the firm’s gatekeeper role and increases the chance that problematic trading continues undetected. The key takeaway is that internal red flags require timely supervisory action, not passive monitoring.
Delaying escalation despite multiple red flags can allow suspicious trading to continue and expose the dealer to criticism for inadequate supervision.
Topic: Element 9 — Dealer Activity and Location Risks
During a registered location audit, compliance notes for the second year in a row that client instructions received through personal text messages were not captured in firm records. The branch manager’s follow-up is a one-line email stating that staff were reminded of policy, with no testing or escalation. A recent complaint says an order instruction cannot now be reconstructed. What is the most likely supervisory consequence?
Best answer: C
What this tests: Element 9 — Dealer Activity and Location Risks
Explanation: Repeat audit findings plus a weak, undocumented follow-up indicate that remediation was ineffective. Because the gap involves off-channel client instructions and a live complaint, the location would most likely move to enhanced supervision with targeted review, not remain on a normal cycle.
Business-location supervision is risk-based, and repeat findings are a strong signal that prior corrective action did not work. Here, the same deficiency reappeared, the branch manager cannot show meaningful follow-up beyond a reminder, and a complaint suggests the weakness may already have affected a client account. That combination means head office should no longer rely on the location’s local controls as effective.
The likely consequence is escalation: increase the location’s risk profile, require documented remediation, and perform targeted follow-up or look-back testing to determine whether other instructions or records were affected. The complaint must still be investigated through the firm’s complaint process, but it does not replace supervisory follow-up. The key takeaway is that weak follow-up turns a prior audit point into an ongoing supervisory deficiency.
Repeat findings with weak follow-up show the location’s controls cannot be relied on, so risk-based supervision would typically intensify and expand review.
Topic: Element 3 — Business and Operations Supervision
An Approved Person asks a branch manager to approve a negotiated flat quarterly fee for an existing client who actively trades listed options. In the same email, the Approved Person says 15% of that fee will be paid to an outside accountant who introduced the client. The file contains no signed fee schedule, no client disclosure, and no referral agreement. What should the branch manager verify first?
Best answer: A
What this tests: Element 3 — Business and Operations Supervision
Explanation: The first supervisory step is to verify the compensation structure itself. Negotiated flat fees and referral fees can create conflicts, off-book payments, and unclear client understanding, so the branch manager needs the dealer-approved written arrangement and disclosure before considering other factors.
This question turns on compensation-risk supervision. When an Approved Person proposes both a negotiated flat fee and a referral payment, the immediate issue is not account performance or the referrer’s résumé; it is whether the dealer has approved a written arrangement that clearly sets out the fee, the services covered, the referral relationship, the client disclosure, and how the payment will be handled and recorded.
A supervisor should first confirm:
Only after that foundation is established would the supervisor move to secondary reviews such as client proficiency, service value, or other account-level considerations.
The supervisor must first confirm the compensation arrangement is formally approved, documented, disclosed, and controlled because negotiated flat fees and referral fees create conflict and compensation-risk issues.
Topic: Element 1 — General Regulatory Framework
At an Investment Dealer registered location, a supervisor learns that an Approved Person recommended a small-cap issuer to clients through personal text messages. The Approved Person’s sibling sits on the issuer’s board, but that relationship was never disclosed to the firm or to clients. After two clients complain, the supervisor tells the Approved Person to stop, but does not document the matter, escalate it to compliance, or review other affected accounts. What is the most likely supervisory consequence for the dealer?
Best answer: B
What this tests: Element 1 — General Regulatory Framework
Explanation: Sound corporate governance depends on ethics being surfaced, documented, reviewed, and escalated. Here, the undisclosed family conflict, off-channel recommendations, and complaint mishandling point to weak governance and ineffective supervision, making regulatory findings and remediation the most likely consequence.
Ethics, transparency, oversight, and accountability work together in sound corporate governance. When an Approved Person has a personal conflict, the firm must be able to identify it, disclose or manage it appropriately, supervise the related communications, and keep evidence of what was reviewed and decided. In this scenario, the supervisor did not document the issue, did not escalate it to compliance, and did not review other potentially affected accounts. That undermines governance because the firm cannot demonstrate effective oversight or clear accountability for remediation. The likely downstream result is a broader regulatory review and findings of inadequate conflict management and supervision. Suitability alone, or stopping future texting, does not cure the governance failure that has already occurred.
Without transparent disclosure, escalation, documentation, and follow-up review, the firm cannot show it identified and managed the conflict or supervised the related conduct.
Topic: Element 1 — General Regulatory Framework
A branch manager receives a client complaint that a representative recommended a promissory-note investment through a personal corporation and used the dealer’s logo in follow-up emails. The representative says the sale was “outside the dealer” and asks that the file be closed as a private dispute. Before deciding whether CIRO supervisory obligations are engaged, what should the manager verify first?
Best answer: D
What this tests: Element 1 — General Regulatory Framework
Explanation: CIRO supervises Investment Dealers and their Approved Persons, so the first issue is whether the person and conduct fall within that supervised relationship. Confirming Approved Person status and dealer-linked holding out tells the manager whether the matter must be handled as a CIRO-governed supervisory issue rather than dismissed as a purely private dispute.
The core concept is CIRO’s supervisory scope. CIRO oversees member Investment Dealers and their Approved Persons, so when a complaint involves alleged off-book activity, the threshold question is whether the individual was acting as an Approved Person of the dealer, or at least presenting the activity as dealer-related. In this case, the use of the dealer’s logo makes that verification essential before the manager can close the matter or decide on escalation.
If that link is confirmed, the firm must treat the matter as a supervised compliance issue, preserve evidence, investigate, and consider any required internal escalation or external reporting. If the activity truly had no connection to the dealer or the individual’s registered capacity, other processes may apply, but that conclusion cannot be reached first from the representative’s assertion alone.
The closest distractors deal with later complaint handling or coordination, not the threshold for CIRO supervision.
CIRO’s authority runs through Investment Dealers and their Approved Persons, so status and dealer-linked conduct are the threshold facts to confirm first.
Topic: Element 3 — Business and Operations Supervision
A branch manager learns that several Approved Persons have recommended a 2x daily inverse ETF to retired clients as a portfolio hedge for “the next 12 months.” The product resets daily, and the firm has no product-specific guidance, no exception reporting for extended holding periods, and no review of existing positions. Which action best aligns with CIRO supervisory expectations?
Best answer: C
What this tests: Element 3 — Business and Operations Supervision
Explanation: A daily-reset inverse ETF is a complex product that can behave very differently over longer holding periods. When a supervisor sees retirees being placed into it as a 12-month hedge without product-specific controls, the best response is to stop new recommendations, escalate the product review, and conduct documented suitability reviews of existing positions.
Complex or specialized products require supervision calibrated to how the product works and how it is being sold. A 2x daily inverse ETF is built around daily reset performance, so recommending it to retired clients as a year-long hedge creates foreseeable suitability and fair-dealing risk, especially when the firm lacks product-specific guidance and exception reporting. A supervisor should act proactively, not rely on generic disclosure or advisor judgment alone.
Disclosure is important, but it does not cure weak controls or unsuitable use of a complex product.
Heightened supervision of a daily-reset inverse ETF requires proactive product review, exception monitoring, and retrospective suitability review.
Topic: Element 1 — General Regulatory Framework
At a registered location, a supervisor learns that an Approved Person discussed a confidential issuer financing before public announcement and identified affected client accounts in an open lunchroom. Another Approved Person with no role on the file overheard the discussion, and draft deal materials were left in a shared printer tray. Which supervisory response is NOT appropriate?
Best answer: C
What this tests: Element 1 — General Regulatory Framework
Explanation: When confidential information may have spread beyond those with a need to know, the supervisor should contain the breach, escalate it, document it, and assess whether any trading may reflect misuse. A verbal reminder without documentation or follow-up does not adequately protect confidentiality or support effective supervision.
The core concept is prompt supervisory containment of sensitive information and prevention of misuse. Once a confidential financing discussion and related client details are exposed in a common area, the issue is not just poor judgment by an Approved Person; it becomes a potential information-control and trading-surveillance matter. The supervisor should stop further dissemination, secure physical materials, notify compliance through the firm’s escalation process, document who was exposed and what occurred, and review relevant trading activity for signs of misuse.
A reminder can be part of remediation, but it is not enough by itself when confidential information may already have been compromised.
A confidentiality breach involving sensitive information requires containment, escalation, documentation, and review for possible misuse; a verbal reminder alone is insufficient.
Topic: Element 5 — Account Activity Supervision
A branch manager reviews an exception report showing that a newly opened account coded as managed had six discretionary trades entered over the past 10 days by a portfolio manager. The file contains current KYC and fee disclosure, but there is no signed managed-account agreement and no record that the account was approved for managed status. The trades appear consistent with the client’s objectives. Which supervisory response best addresses this procedural failure?
Best answer: C
What this tests: Element 5 — Account Activity Supervision
Explanation: The key issue is discretionary trading in an account that was not fully documented or approved as a managed account. The supervisor should stop further discretionary activity, complete the required managed-account setup, and review the trades already placed because apparent suitability does not cure missing authority.
Managed-account supervision requires more than reviewing whether trades fit the client’s KYC. Before discretionary trading occurs, the account must be properly established as a managed account, including the required agreement and supervisory approval. In the scenario, those core procedures are missing, yet discretionary trades have already occurred.
A proper supervisory response is to:
The closest distractor is continuing to trade because the activity looked suitable, but suitability does not replace the need for valid managed-account authority and approval.
Stopping further discretionary trading and curing the missing managed-account documentation and approval addresses the core control failure before more activity occurs.
Topic: Element 3 — Business and Operations Supervision
A branch supervisor finds that several new derivatives accounts have been coded as both institutional clients and qualifying hedgers, which allows the firm to use a different approval and supervision workflow. Which supervisory control best addresses the main risk in this situation?
Best answer: D
What this tests: Element 3 — Business and Operations Supervision
Explanation: The key risk is using an institutional-client or qualifying-hedger designation without adequate support. A supervisor should ensure the file contains evidence for the status before the firm applies any alternate approval or supervision process.
Institutional-client and qualifying-hedger categories can affect how an account is approved and supervised, so the supervisor’s first concern is whether the classification is accurate and supported. A firm should not rely on labels, assumptions, or an Approved Person’s informal view. It should verify the client’s status, keep documentation showing why the designation applies, and ensure the account is handled under the correct supervisory framework.
If the designation is unsupported, the firm may apply the wrong controls, miss required reviews, or expose itself to compliance and client-protection issues. The closest distractors fail because they substitute convenience indicators for evidence. The core takeaway is that special status must be validated and documented, not merely asserted.
The main supervisory risk is misclassification, so the firm should verify and document that the client actually qualifies before using reduced or different supervision.
Topic: Element 8 — Communications and Research Supervision
At an Investment Dealer, research analysts can release issuer reports to clients as soon as they finish drafting them. The current process has no documented pre-publication check for required disclosures, restricted-list status, or whether an analyst was wall-crossed on the issuer. Which supervisory action best addresses this deficiency?
Best answer: B
What this tests: Element 8 — Communications and Research Supervision
Explanation: The best remedy is to stop direct release and require a documented pre-publication review by designated supervision or compliance. Research controls are meant to prevent deficient reports from reaching clients by confirming required disclosures and current conflict-status information before distribution.
Research supervision is preventive, not merely corrective. When analysts can publish without a documented control, the supervisor should require a mandatory pre-publication approval by designated supervision or compliance before any report is released. That review should verify issuer-specific disclosures, current restricted-list or wall-crossing status, and any other conflict information that could affect distribution. The firm should also retain an approval record so it can demonstrate the control operated as designed.
Sampling later, relying on the analyst, or using generic disclaimer language leaves the core deficiency in place because the report can still reach clients before the control is applied.
A pre-publication control deficiency is best corrected by mandatory documented review before release to confirm required disclosures and conflict status.
Topic: Element 3 — Business and Operations Supervision
A branch manager reviews a retail account approval package for a client with extensive options experience, high risk tolerance, and substantial liquid assets. The file includes updated KYC, a signed margin agreement, and the options risk disclosure document. The Approved Person requests permission for listed equity options, including uncovered short calls and multi-leg spreads. The branch manager notes that the client’s profile supports the request and enables trading the same day. The dealer’s written supervisory procedures require any account approved for uncovered option writing or other complex derivatives strategies to be reviewed and approved by the designated derivatives supervisor before activation. Which required supervisory control is deficient?
Best answer: A
What this tests: Element 3 — Business and Operations Supervision
Explanation: The decisive gap is the missing escalation required for higher-risk derivatives activity. Because the requested trading includes uncovered option writing and multi-leg spreads, standard branch-manager review does not replace pre-approval by the firm’s designated derivatives supervisor.
When proposed trading moves into higher-risk derivatives strategies, supervision must go beyond the same review used for standard securities. In this file, the ordinary account-approval elements are present: KYC, margin documentation, risk disclosure, and a suitability note. But the nature of the requested activity matters most. Uncovered short calls and multi-leg spreads are the kind of derivatives activity that require specialized supervisory attention before trading is activated.
Better notes or later monitoring can improve the file, but they do not cure a missing required derivatives escalation.
Uncovered option writing and multi-leg spreads trigger specialized derivatives supervision, so standard branch approval alone is insufficient.
Topic: Element 2 — Supervisory Structure
An Investment Dealer’s manual identifies who approves new accounts, who reviews trading exceptions, when issues must be escalated, and what evidence of review must be retained. Which minimum requirement of the dealer’s written supervisory system does this feature satisfy?
Best answer: A
What this tests: Element 2 — Supervisory Structure
Explanation: A written supervisory system must clearly describe who performs supervisory reviews, how they are done, when matters are escalated, and how completion is evidenced. The stem focuses on assigning responsibility and documenting the supervision process, which is a minimum written-system requirement.
The written supervisory system is the dealer’s documented framework for supervision. At minimum, it should do more than state general principles: it should assign supervisory responsibility to specific roles, describe the review or approval process, explain how exceptions are escalated, and require records showing the review occurred. Those elements let the firm demonstrate that supervision is organized, repeatable, and auditable.
In the stem, the manual names who approves accounts, who reviews exceptions, when escalation is required, and what evidence must be kept. That is a direct example of written supervisory duties and escalation procedures. Product review, business continuity, and client disclosure are all important controls, but they serve different functions than mapping the supervision workflow itself.
It reflects the core requirement that supervisory responsibilities, review steps, escalation paths, and evidence of review be clearly set out in writing.
Topic: Element 2 — Supervisory Structure
During a branch audit, Compliance finds that for the past quarter the daily trade-exception report was initialled only by the assistant branch manager. The branch manager says routine items were delegated because alert volumes were high and asks that the finding be closed. Before closing it, what should Compliance verify first?
Best answer: C
What this tests: Element 2 — Supervisory Structure
Explanation: The key issue is not whether the delegate was capable or whether problems occurred. Before closing the finding, Compliance needs evidence that the delegation itself was formally controlled and that the branch manager still retained supervisory responsibility.
Documented delegation controls must show more than informal task-sharing. In a CIRO supervisory setting, the firm should be able to produce a specific record showing what was delegated, to whom, under what limits, how exceptions must be escalated, and how the delegator continues to oversee the activity and remains accountable for it.
Here, the report was initialled only by the assistant branch manager, so the first gap is evidentiary: there is no obvious proof that the delegation was properly authorized and controlled. Experience, training, and the absence of complaints may be relevant later, but they do not establish that the delegation met supervisory-control standards. The main takeaway is that delegation can assign tasks, but it does not transfer ultimate responsibility away from the delegator.
Delegation is only acceptable if it is specifically documented and shows that the delegator kept ultimate supervisory accountability.
Topic: Element 8 — Communications and Research Supervision
An Investment Dealer can archive and supervise routine client email, interactive posts on firm-approved social media, and correspondence generated from approved templates. It cannot capture business messages sent on employees’ personal messaging apps. Which control-channel match identifies a control that is inadequate on its own?
Best answer: C
What this tests: Element 8 — Communications and Research Supervision
Explanation: Employee awareness measures help communicate policy, but they do not capture or retain off-channel business messages. If the firm cannot access the record, it cannot perform meaningful supervisory review or evidence compliance.
The key issue is whether the control lets the dealer actually detect, retain, and review the communication. Post-use review and sampling can be effective for retained channels such as archived email, interactive social media on approved platforms, and correspondence built from approved templates, because the firm has the record and can apply risk-based supervision. Employee awareness controls such as training, reminders, and attestations are supportive controls only. They are inadequate by themselves for business messages on personal apps that the firm cannot capture, because supervision fails before review even begins: there is no reliable record to monitor, test, or produce. The closest distractors involve channels the firm can retain and supervise, which is why post-use review or sampling may be appropriate there.
Awareness alone does not create a record, so off-channel personal-app messages cannot be effectively supervised.
Use the CIRO Supervisor Practice Test page for the full Securities Prep route, mixed-topic practice, timed mock exams, explanations, and web/mobile app access.
Use the full Securities Prep practice page above for the latest review links and practice route.