CIRO Supervisor Exam Quick Reference

Last revised: June 29, 2026

Compact reference for the CIRO Supervisor Exam covering supervision duties, account approval, suitability, trade review, complaints, conflicts, and conduct risks.

Exam identity and study lens

This Quick Reference supports independent preparation for the Canadian Investment Regulatory Organization CIRO Supervisor Exam using the official exam code Supervisor Exam.

Use it as a practical review sheet for supervision scenarios. The exam generally rewards answers that show a supervisor can:

identify the rule or control objective;
recognize risk indicators before harm occurs;
escalate serious issues promptly;
document evidence of review;
protect clients and market integrity;
distinguish a representative’s duties from the supervisor’s oversight duties.

Exam mindset: supervision is not “checking boxes after the fact.” It is a risk-based control system that prevents, detects, escalates, corrects, and documents.

Core supervisory model

Stage	Supervisor focus	Practical evidence	Common exam trap
Prevent	Policies, training, approvals, restricted activities, pre-trade controls	Written procedures, delegation matrix, pre-approval records	Assuming a good representative needs little supervision
Detect	Exception reports, account reviews, trade blotters, complaint trends, communication review	Daily/monthly review notes, escalation logs, surveillance output	Treating exception reports as optional
Escalate	Serious misconduct, client harm, regulatory breach, market integrity concern	Escalation memo, compliance/legal referral, senior management notice	Trying to resolve a serious issue informally
Correct	Reversal, compensation process, client contact, account restrictions, training, discipline	Remediation plan, client communications, approvals	Letting the representative “fix it” alone
Document	Who reviewed, what was reviewed, result, follow-up, date	Signed/dated records, system notes, audit trail	“I remember reviewing it” with no record

Regulatory hierarchy for scenario questions

Source	What it controls	Exam-useful rule of thumb
Securities legislation and National Instruments	Registration, conflicts, KYC, KYP, suitability, disclosure, complaint standards	If client protection is central, start here
Canadian Investment Regulatory Organization rules	Dealer/member supervision, conduct, business standards, market integrity, approved person obligations	CIRO rules often define the supervisory control expected
Firm policies and procedures	How the dealer operationalizes legal and CIRO requirements	Procedures can be stricter than minimum rules
Account agreements and client instructions	Account authority, margin, options, discretionary authority, trading limits	Written authority matters; verbal permission is often insufficient
Product documents and offering terms	Product risks, restrictions, liquidity, costs, conflicts	KYP requires understanding before recommendation or approval

If sources appear to conflict, the safer exam answer is usually to follow the stricter standard, escalate, and document the rationale.

Key roles and accountability

Role	Primary responsibility	What not to confuse
Dealer/member firm	Maintains the compliance system, supervisory structure, records, controls, and regulatory filings	The firm cannot avoid responsibility by blaming one representative
Ultimate Designated Person / senior leadership	Promotes compliance culture and ensures significant issues receive senior attention	Not the person who reviews every trade
Chief Compliance Officer / compliance function	Monitors and assesses compliance systems, advises, escalates, and reports	Compliance support does not replace line supervision
Supervisor / branch manager / designated supervisor	Reviews activity, approves or rejects items within authority, detects red flags, escalates	Delegating tasks does not eliminate supervisory accountability
Registered representative / approved person	Deals with clients fairly, gathers KYC, makes suitable recommendations, follows policies	Representative judgment does not excuse weak supervision
Operations / back office	Settlement, books and records, account coding, transfers, margin processing	Operational processing is not suitability approval
Client	Provides information and instructions	Client consent does not make an unsuitable or prohibited action acceptable

High-yield supervision lifecycle

Lifecycle point	Supervisor should verify	Red flags	Exam trap
Registration and proficiency	Individual is approved for the activity, product, client type, and supervisory role	Unapproved product line, branch expansion, changed role	Letting experience substitute for required approval
Account opening	Identity, account type, beneficial ownership, authority, KYC, risk profile, disclosure	Missing signatures, third-party instructions, inconsistent wealth source	Approving incomplete accounts because a trade is urgent
KYC updates	Material changes are captured and reviewed	Retirement, job loss, death/divorce, liquidity event, borrowing, major loss	Treating KYC as one-time paperwork
Product approval / KYP	Product risks, structure, costs, liquidity, conflicts, target client, restrictions	Complex, illiquid, leveraged, proprietary, high-commission product	Assuming exchange-listed means low risk
Recommendation / order	Suitability, client interest, risk/return fit, costs, concentration, liquidity	Trade inconsistent with KYC, unsolicited but alarming, pattern of losses	“Unsolicited” does not remove all supervisory concern
Post-trade review	Exceptions, concentration, short-term trading, leverage, unsuitable patterns	Reversals, cancellations, same-day switches, repeated losses	Reviewing only large trades and ignoring patterns
Ongoing account review	Changes in holdings, strategy drift, fee reasonableness, client vulnerability	Dormant account suddenly active, POA activity, excessive fees	No review until a complaint arrives
Communications	Fair, balanced, approved, not misleading, records retained	Promissory language, performance cherry-picking, off-channel messaging	Treating social media as outside compliance
Complaints	Prompt intake, fair investigation, independence, escalation, written response	Representative asks client to withdraw, payment from personal funds	Letting the subject representative control the file
Termination / transfer	Reasons documented, unresolved complaints, suspicious activity, client assets handled properly	Sudden resignation during review, client files removed	Ignoring post-termination regulatory obligations

KYC, KYP, and suitability

Distinction table

Concept	Core question	Supervisor’s exam focus
KYC	Do we know the client well enough?	Complete, current, internally consistent client profile
KYP	Do we understand the product well enough?	Risks, costs, conflicts, restrictions, liquidity, complexity
Suitability	Does this action fit this client, now?	KYC + KYP + client’s interest + reasonable basis
Relationship disclosure	Does the client understand the relationship, services, costs, and limits?	Clear disclosure before or at the required point
Conflict management	Could firm or representative interests impair client-focused advice?	Identify, avoid/control, disclose where appropriate, document

KYC elements to recognize

KYC element	What it affects	Scenario cue
Investment objectives	Return goals and strategy	“Client wants income” but account holds speculative growth names
Risk tolerance	Willingness to accept volatility/loss	Client says “low risk” but buys highly volatile products
Risk capacity	Ability to absorb loss	Retiree depends on account for living expenses
Time horizon	Need for funds	Short horizon conflicts with illiquid or volatile holdings
Investment knowledge	Ability to understand product risk	First-time investor placed in complex strategy
Financial circumstances	Income, net worth, liquidity, debt, tax position	High leverage or concentration relative to assets
Personal circumstances	Age, dependants, employment, health, life events	Vulnerable client or major change not reflected in KYC

Suitability trigger checklist

A suitability review is high-yield when a scenario includes:

recommendation or advice;
accepted order with obvious concern;
new account or account transfer;
material KYC change;
significant deposit, withdrawal, or security transfer;
change of representative or supervisor;
concentration, leverage, illiquidity, or complex product;
client complaint or repeated losses;
switch, rollover, fee change, or product replacement.

Supervisory math and review ratios

Use ratios as indicators, not automatic conclusions. The exam usually tests whether the supervisor investigates, documents, and escalates.

\[ \text{Concentration percentage} = \frac{\text{value in one issuer, sector, product, or strategy}}{\text{total portfolio value}} \times 100 \]\[ \text{Leverage ratio} = \frac{\text{borrowed amount used for investing}}{\text{client equity or net investable assets}} \]\[ \text{Turnover ratio} = \frac{\text{total purchases over period}}{\text{average account equity over period}} \]\[ \text{Cost-to-equity ratio} = \frac{\text{annualized commissions, spreads, and fees}}{\text{average account equity}} \times 100 \]

Metric	Why supervisors use it	Follow-up question
Concentration	Detects overexposure to one issuer, sector, asset class, or strategy	Is concentration intentional, suitable, disclosed, and documented?
Leverage	Detects magnified loss risk and repayment stress	Can the client absorb losses and debt service?
Turnover	Detects excessive trading or strategy mismatch	Is trading consistent with objectives and client benefit?
Cost-to-equity	Detects accounts that must earn unusually high returns just to break even	Are costs reasonable for the service and strategy?
Loss pattern	Detects unsuitable activity, poor controls, or misconduct	Was the strategy reviewed before losses accumulated?

Account approval and client-type traps

Scenario	Supervisory decision point	Safer exam answer
New retail client wants immediate speculative trade	Account/KYC incomplete; product risk may not fit	Complete required account opening, assess suitability, document or reject
Sophisticated client asks to waive protections	Waivers only matter where rules permit and records support them	Do not assume sophistication removes supervision
Corporate account	Authority, beneficial ownership, investment policy, signing officers	Confirm authority before trading
Trust, estate, or power of attorney	Legal authority and fiduciary limits	Verify documents and watch for abuse or conflicts
Joint account	Authority of each holder, instructions, survivorship terms	Do not accept unclear instructions
Fee-based account	Cost reasonableness and service level	Fee account may be unsuitable for buy-and-hold or inactive client
Margin account	Written agreement, risk disclosure, suitability for borrowing	Margin approval is not a substitute for leverage suitability
Options or derivatives account	Product approval, client knowledge, strategy level, risk capacity	Higher complexity requires stronger KYP and supervision
Discretionary or managed account	Proper authority, registration, mandate, IPS, monitoring	Discretion without authority is a major breach
Vulnerable or senior client	Capacity, undue influence, liquidity needs, trusted contact process where applicable	Escalate concerns; do not rely solely on the influencer’s instructions

Trade and account supervision

Pre-trade vs post-trade controls

Control type	Examples	Best used for	Limitation
Pre-trade controls	Product restrictions, account permissions, order limits, margin availability, restricted list checks	Preventing prohibited or clearly unsuitable transactions	Cannot detect every pattern over time
Same-day review	Large trades, high-risk products, new accounts, exception alerts	Fast correction before harm grows	Requires clear escalation authority
Post-trade review	Blotter review, concentration reports, turnover reports, complaint and loss trend review	Detecting patterns, excessive trading, strategy drift	Too late if no remediation follows
Periodic branch review	Files, communications, approvals, training, physical/electronic records	Testing whether controls work	Not a replacement for ongoing supervision

Order review traps

Fact pattern	Issue	Supervisor response
“Client insisted” on risky trade	Unsolicited does not erase all duties	Record as unsolicited if true, assess red flags, escalate if inconsistent or harmful
Multiple small trades avoid review limits	Possible structuring to evade supervision	Aggregate activity and investigate
Frequent switches between similar products	Possible churning, commission generation, unsuitable replacement	Review costs, rationale, benefit, client authorization
Representative uses personal phone/chat	Off-channel communication and record failure	Preserve evidence, escalate, retrain or discipline
Trade before account approval	Control breach and possible unsuitable transaction	Investigate, reverse/remediate if needed, document
Trade in restricted/security watch list name	Market integrity or conflict issue	Escalate to compliance immediately
Late allocation or changed allocation	Fair allocation concern	Review allocation records and rationale
Price or execution complaint	Best execution / fair pricing issue	Investigate order handling, execution venue, disclosure, records

Market integrity and trading conduct

Risk area	Watch for	Supervisory angle
Manipulative or deceptive trading	Artificial volume, matched orders, marking the close/open, layering, spoofing-like patterns	Escalate to market supervision/compliance; preserve order records
Insider information	Trading before material news, unusual client/employee activity	Restrict trading, escalate, protect confidentiality
Front-running	Representative or firm trades ahead of client order	Review timestamps, allocation, employee accounts
Best execution	Poor execution quality, venue concerns, repeated client complaints	Ensure policies, review samples, document exceptions
Short sales and failed settlements	Locate/settlement issues, unusual short activity	Apply firm controls and escalate repeated failures
New issues and allocations	Preferential treatment, conflicts, unsuitable allocations	Review allocation policy and client eligibility
Research and recommendations	Conflicts, unsupported claims, selective distribution	Verify approval and disclosure controls

Conflicts of interest

Conflict type	Example	Expected supervisory treatment
Compensation conflict	Higher commission product recommended over comparable lower-cost option	Identify, assess client impact, control or avoid, disclose where required
Proprietary product	Firm product promoted over third-party alternatives	Confirm KYP, suitability, and balanced disclosure
Outside activity	Representative operates private investment club or referral business	Require disclosure, approval, monitoring, and conflict controls
Referral arrangement	Client referred for compensation	Verify permitted arrangement, disclosure, books and records
Personal financial dealing	Borrowing from or lending to client	Treat as high-risk; escalate and apply firm prohibitions/approvals
Gifts and entertainment	Excessive gifts to or from clients/product issuers	Review for influence, disclosure, and firm limits
Dual role	Representative acts as executor, trustee, POA, beneficiary, or business partner	Escalate; assess conflict, client vulnerability, and approval requirements
Complaint handled by subject rep	Rep pressures client or offers personal settlement	Remove from control of file; escalate immediately

Conflict exam rule: disclosure alone is rarely enough if the conflict can reasonably harm the client or compromise judgment. The supervisor must ensure the conflict is avoided or controlled, with disclosure used appropriately and documented.

Complaint handling reference

Step	Supervisor action	Common trap
Identify	Recognize complaints even if informal, verbal, or framed as “service issues”	Ignoring complaints because no formal letter was sent
Record	Open a complaint record with dates, parties, account, issue, products, and alleged harm	Keeping notes only in representative email
Acknowledge/process	Follow firm and CIRO complaint procedures and prescribed timelines	Missing deadlines because the file is “still being investigated”
Investigate	Use records, trade history, KYC, communications, approvals, and interviews	Letting the representative investigate their own conduct
Escalate	Notify compliance/senior management for serious, systemic, or reportable matters	Treating fraud allegations as ordinary service recovery
Respond	Provide clear outcome, reasons, remediation if any, and required client options	Vague response with no rationale
Remediate	Correct account, compensate through proper channels, discipline/train, update controls	Representative pays client privately
Trend review	Look for repeated issues by rep, branch, product, or process	Closing each complaint in isolation

Conduct red flags and first response

Red flag	Possible issue	First supervisory response
Client signature irregularities	Falsification, unauthorized forms, altered documents	Escalate, secure documents, review affected accounts
Pre-signed or altered forms	Control breach and possible client harm	Stop use, investigate scope, remediate
Off-book investment	Outside business, fraud, unapproved security	Escalate immediately; identify affected clients
Representative controls client email or mail	Concealment, vulnerable client abuse	Contact client through verified channel; escalate
Sudden trading after dormancy	Unauthorized activity or changed circumstances	Confirm instructions and KYC update
Large redemption to third party	Fraud, coercion, money laundering	Verify authority and escalate AML/compliance concerns
Client borrowing to invest	Leverage suitability issue	Assess capacity, disclosure, concentration, and downside
Repeated account losses with high commissions	Churning or unsuitable strategy	Review turnover, costs, rationale, approvals
Product sold outside approved list	KYP/product governance failure	Halt activity, escalate, identify clients
Representative refuses records	Obstruction or concealment	Escalate to compliance/senior management

AML, fraud, privacy, and cybersecurity touchpoints

Area	Supervisor should recognize	Practical action
AML / terrorist financing	Unusual source of funds, third-party payments, rapid in/out movement, reluctance to provide information	Escalate to the firm’s AML process; do not ignore because trade is profitable
Fraud	False documents, impersonation, unauthorized transfers, account takeover	Freeze or restrict where appropriate under firm process; preserve evidence
Privacy	Client information sent to wrong party or accessed without need	Report internally, contain, document, follow breach process
Cybersecurity	Email compromise, phishing, changed banking instructions, remote access request	Verify through trusted channel; escalate technology/security incident
Sanctions / prohibited parties	Name match or suspicious geography	Follow firm screening and escalation procedures before proceeding

Books, records, and evidence

Record type	Why it matters on the exam
New account documents and KYC updates	Proves basis for account approval and suitability
Product due diligence / approved product list	Proves KYP and product governance
Trade blotter and exception reports	Proves supervision occurred and exceptions were resolved
Notes of client instructions	Supports authorization and suitability rationale
Communications archive	Supports complaint investigations and advertising review
Complaint file	Shows fair process, independence, outcome, and remediation
Delegation and approval matrix	Shows who had authority and who escalated
Training and supervision logs	Shows control system, not just isolated review
Branch review reports	Shows testing of procedures and follow-up
Escalation records	Shows serious issues were not buried

Documentation standard: include who reviewed, when, what information was considered, conclusion, follow-up, and closure evidence.

Delegation and escalation

Situation	Can a task be delegated?	Does accountability move?	Exam answer
Clerical checklist completion	Yes	No	Supervisor must verify quality and exceptions
Trade exception pre-screening	Yes	No	Supervisor reviews material exceptions and trends
Account approval authority	Only if permitted by firm procedures and qualifications	No	Improper approval is still a supervisory failure
Complaint investigation	Specialist may assist	No	Independence and escalation are essential
Serious misconduct	No practical “delegation away”	No	Escalate immediately and document
Regulatory inquiry	Specialists/legal may coordinate	No	Preserve records and respond through proper channels

Escalation triggers

Escalate promptly when the scenario includes:

fraud, theft, forgery, misappropriation, or falsified records;
unauthorized or discretionary trading without authority;
client complaint alleging loss, deception, or misconduct;
vulnerable client exploitation;
market manipulation, insider trading, or restricted-list issue;
off-book securities or outside business activity;
systemic control failure affecting multiple clients;
privacy/cyber incident involving client information or assets;
representative obstruction, concealment, or retaliation.

Product and strategy supervision matrix

Product / strategy	Key supervisory concerns	High-yield trap
Mutual funds / funds	Fees, switches, deferred or embedded charges where applicable, concentration, fund risk rating, liquidity	Switching without clear client benefit
ETFs	Market risk, tracking error, liquidity, leveraged/inverse structure	Treating all ETFs as plain index exposure
Structured products	Payoff formula, credit risk, liquidity, caps/barriers, complexity	Client understands headline return but not downside
Bonds / fixed income	Credit risk, duration, liquidity, pricing, yield vs risk	Assuming “fixed income” always means conservative
Equities	Volatility, concentration, insider/market integrity concerns	Single-name concentration overlooked
Options / derivatives	Strategy approval level, leverage, loss potential, expiry, margin	Covered vs uncovered risk misunderstood
Margin / leverage	Borrowing cost, collateral calls, forced sale risk, suitability	Client signs margin agreement but cannot bear loss
Private placements / exempt products	Eligibility, disclosure, illiquidity, valuation, conflicts	Exemption eligibility confused with suitability
New issues	Allocation fairness, conflicts, selling concessions, suitability	Popular issue treated as automatically suitable
Managed / discretionary accounts	Authority, mandate, IPS, performance and fee review	Discretion used in non-discretionary account
Fee-based accounts	Service level, trading frequency, cost comparison	Inactive account charged ongoing advisory fee
Concentrated strategies	Issuer/sector exposure, liquidity, volatility	Client wealth source tied to same issuer/industry

Communications and advertising

Communication type	Supervisor review focus	Problem language
Client email/messages	Recommendations, promises, complaints, instructions, records	“Guaranteed,” “no risk,” “inside track”
Marketing material	Fair and balanced presentation, approvals, risk disclosure	Cherry-picked returns, missing downside
Performance reports	Accurate calculation, period, benchmark, fees	Gross returns presented as client results
Social media	Same standards as other business communication	Unapproved posts, testimonials without controls
Seminars/webinars	Balanced content, approved slides, attendee follow-up	Educational event becomes unapproved sales pitch
Research/commentary	Conflicts, basis for opinions, distribution controls	Selective disclosure or unsupported target

Senior and vulnerable client scenarios

Cue	Risk	Supervisor action
Confusion, memory issues, unusual urgency	Capacity or undue influence	Escalate and follow firm vulnerable client process
New person gives instructions	Financial exploitation	Verify authority; contact client through trusted channel
Large withdrawals inconsistent with history	Abuse, fraud, liquidity stress	Review purpose, KYC, authorization
Client isolated or dependent on representative	Conflict and influence risk	Independent review and possible restrictions
Representative named in client will/POA	Serious conflict	Escalate before accepting instructions or benefit

Fast decision path for exam scenarios

    flowchart TD
	    A[Scenario fact pattern] --> B{Client harm or rule breach possible?}
	    B -- No obvious issue --> C[Apply normal review and document]
	    B -- Yes --> D{Is activity authorized and within account approval?}
	    D -- No --> E[Stop or restrict, escalate, investigate]
	    D -- Yes --> F{KYC current and product understood?}
	    F -- No --> G[Update KYC or KYP; do not approve blindly]
	    F -- Yes --> H{Suitable and in client's interest?}
	    H -- No --> I[Reject, correct, or escalate]
	    H -- Yes --> J{Conflict, complaint, market integrity, AML, or vulnerable client issue?}
	    J -- Yes --> K[Escalate to proper control function and preserve records]
	    J -- No --> L[Approve or close review with rationale]

Common exam traps

Trap	Better answer
“The client agreed, so the supervisor is safe.”	Client consent does not cure unsuitable, unauthorized, misleading, or prohibited conduct.
“The representative is experienced.”	Experience can affect risk rating but does not remove supervisory duties.
“The trade was unsolicited.”	Still review red flags, account approval, market integrity, and documentation.
“Compliance will catch it later.”	Line supervision is a first-line control; compliance monitoring is not a substitute.
“Only written complaints count.”	Treat expressions of dissatisfaction seriously under firm procedures.
“Disclosure fixes conflicts.”	Material conflicts must be addressed; disclosure alone may be insufficient.
“No loss means no problem.”	Rule breaches and control failures matter even without proven loss.
“Small accounts are low risk.”	Vulnerability, leverage, concentration, and misconduct can be present in any account.
“A product approved by the firm is suitable for everyone.”	Product approval supports KYP; suitability is client-specific.
“Delegated review means delegated liability.”	Supervisory accountability remains with the responsible supervisor and firm.

Last-week review checklist

Know the difference between KYC, KYP, suitability, disclosure, and conflicts.
Practice identifying who should act: representative, supervisor, compliance, CCO, senior management, or operations.
For every scenario, ask: authorization, suitability, client interest, conflict, documentation, escalation.
Memorize red flags for unauthorized trading, excessive trading, leverage, vulnerable clients, and off-book activity.
Review how complaints are identified, recorded, investigated, escalated, and resolved.
Be ready to explain why a supervisor must document review, not merely perform it.
Treat serious misconduct as an escalation question, not a coaching-only issue.

Practical next step

Use this Quick Reference to build a one-page error log: for each missed practice question, record the supervisory duty, the red flag you missed, the correct escalation path, and the document that should evidence the review. Then complete another timed practice set focused only on those weak areas.

Scenario Guide

Element 1 — General Regulatory Framework