CCC — CSI Canadian Compliance Course Exam Blueprint

How to Use This Exam Blueprint

Use this checklist as an independent study map for the Canadian Securities Institute CSI Canadian Compliance Course (CCC), exam code CCC. It is designed for final review and gap-finding, not as an official weighting guide.

Work through it in three passes:

1. Coverage pass: Mark each topic as green, yellow, or red.
2. Scenario pass: For each yellow/red area, explain what a compliance officer, supervisor, or registrant should do in a realistic client or firm situation.
3. Evidence pass: Name the document, record, approval, disclosure, or escalation trail that would prove the firm handled the issue properly.

CCC topic-area readiness table

Can you do this? Core CCC skills checklist

Regulatory framework and compliance function

• Explain why securities compliance focuses on investor protection, market integrity, fair dealing, and confidence in capital markets.
• Distinguish legislation, rules, policies, guidance, firm procedures, and supervisory expectations.
• Identify when a matter belongs to business supervision, compliance review, legal review, operations, senior management, or regulatory reporting.
• Explain the difference between a regulatory requirement and a firm policy that may be stricter than the minimum requirement.
• Recognize that good compliance requires both process and evidence: approval, review notes, exception handling, and retained records.
• Describe how a weak control can create risk even when no client loss has yet occurred.

Registration, roles, and supervision

• Identify activities that generally require appropriate registration, approval, or supervision.
• Distinguish registered individuals, supervisors, branch managers, compliance officers, senior management, and operations staff by function.
• Recognize when a representative’s activity is outside approved duties.
• Identify red flags in outside business activities, referral arrangements, personal financial dealings, and private investments.
• Explain why supervision must be risk-based, documented, and followed up.
• Identify when a supervisor should escalate instead of simply coaching informally.
• Recognize the compliance risk in rubber-stamped approvals, missing review evidence, or repeated exceptions.

Account opening, KYC, and client documentation

• List the client facts needed to support account opening, recommendations, and ongoing suitability review.
• Distinguish identity verification, KYC collection, beneficial ownership review, third-party determination, and account approval.
• Identify missing or inconsistent KYC information.
• Explain why incomplete KYC weakens suitability, supervision, complaint defense, and AML controls.
• Recognize special issues for corporate, trust, estate, joint, managed, discretionary, margin, options, and other higher-risk account types when covered in your CCC materials.
• Identify when updated KYC is required because client circumstances, objectives, risk profile, time horizon, or account activity changed.
• Explain the compliance response when a client refuses to provide required information.
• Distinguish account holder authority, trading authorization, power of attorney, and beneficial ownership.

KYP, product approval, and suitability

• Explain the difference between knowing the client and knowing the product.
• Identify product features that matter for compliance: risk, complexity, cost, liquidity, leverage, tax features, early redemption limits, guarantees, issuer risk, and target investor.
• Recognize when a product requires enhanced due diligence or additional supervisory approval.
• Apply suitability to both recommendations and relevant account events.
• Explain why a trade can be unsuitable even if the client is eligible to buy the product.
• Recognize concentration risk, leverage risk, liquidity mismatch, time-horizon mismatch, and risk-tolerance mismatch.
• Distinguish an unsolicited client order from a recommendation, while still recognizing supervisory and documentation duties.
• Explain what should be documented when a client wants to proceed against advice.
• Identify when disclosure, risk acknowledgment, or client consent does not cure an unsuitable recommendation.

Conflicts, ethics, and conduct

• Identify actual, potential, and perceived conflicts of interest.
• Distinguish conflict avoidance, control, disclosure, supervision, and prohibition.
• Recognize compensation conflicts, referral incentives, sales contests, proprietary products, gifts, entertainment, personal relationships, and outside activities.
• Explain why conflicts should be addressed before harm occurs.
• Identify problematic personal financial dealings with clients, including borrowing, lending, guarantees, shared investments, or acting as executor/trustee where not permitted or not approved.
• Recognize confidentiality issues when a representative discusses one client’s activity with another.
• Apply ethical judgment where a technically possible action is still unfair, misleading, or poorly supervised.

Trading, order handling, and market conduct

• Identify trade supervision red flags: unusual volume, high turnover, short-term trading, concentration, off-book communications, or trades inconsistent with KYC.
• Distinguish client priority, fair allocation, order handling, and trade correction concepts.
• Recognize market manipulation, deceptive trading, wash trades, matched orders, spoofing-style behaviour, and other conduct that distorts market integrity.
• Identify insider trading and tipping concerns involving material non-public information.
• Explain restricted list, watch list, information barrier, and escalation concepts at a practical level.
• Recognize supervision issues in discretionary trading, unauthorized trading, and time-and-price discretion.
• Explain why after-the-fact documentation is weak evidence when approval should have occurred first.

Communications, marketing, disclosure, and reporting

• Identify misleading, exaggerated, promissory, unbalanced, or unsupported statements.
• Distinguish educational material, advertising, sales communication, research-style commentary, and individualized recommendations.
• Recognize when communication requires review or approval under firm procedures.
• Identify issues in social media, texting, personal email, seminars, webinars, and third-party marketing.
• Explain why performance claims must be supportable, balanced, and not cherry-picked.
• Recognize required disclosures related to fees, charges, conflicts, risks, account relationships, and referral arrangements as covered in your course materials.
• Identify the compliance risk of using outdated forms, stale disclosure, or inconsistent client-facing explanations.

Complaints, investigations, and enforcement

• Distinguish a routine service request from a complaint alleging misconduct, loss, misrepresentation, unauthorized trading, unsuitable advice, or poor supervision.
• Identify what belongs in a complaint file: allegation, dates, accounts, trades, people involved, evidence reviewed, response, escalation, and resolution.
• Explain why representatives should not personally settle complaints or discourage escalation.
• Recognize when a matter may require regulatory reporting, internal investigation, client response, or remediation.
• Identify patterns: repeated small complaints, repeated exceptions, branch-level concentration, or recurring documentation failures.
• Explain the difference between correcting a client issue and remediating the control weakness that allowed it.

AML/ATF, sanctions, privacy, and records

• Identify suspicious transaction red flags without relying only on dollar amounts.
• Recognize third-party involvement, beneficial ownership opacity, unusual source of funds, rapid movement of funds, and client reluctance as risk indicators.
• Explain no-tipping-off concerns in suspicious activity handling.
• Distinguish AML obligations from privacy obligations; both can apply at the same time.
• Identify when client information may be shared internally, with service providers, with regulators, or with law enforcement under applicable procedures.
• Recognize recordkeeping failures: missing approval, missing rationale, altered records, off-channel communication, and unsupported supervisory sign-off.
• Explain why cybersecurity, access controls, and data retention are compliance issues, not only technology issues.

Scenario and decision-point checks

Use these prompts to test whether you can apply the CCC material instead of only recalling terms.

Suitability and supervision decision path

    flowchart TD
	    A[Client request, recommendation, or account event] --> B{KYC current and complete?}
	    B -- No --> C[Update client facts and document]
	    B -- Yes --> D{Product or strategy understood?}
	    C --> D
	    D -- No --> E[Complete product due diligence or do not recommend]
	    D -- Yes --> F{Conflict identified?}
	    F -- Yes --> G[Avoid, control, disclose, and escalate as required]
	    F -- No --> H{Suitable and supportable?}
	    G --> H
	    H -- No --> I[Do not recommend; document rationale and escalation]
	    H -- Yes --> J[Proceed only with required approvals, disclosure, and records]
	    I --> K[Supervisory review and follow-up]
	    J --> K

Calculation, ratio, and evidence checks

The CCC is usually more judgment-heavy than calculation-heavy, but compliance scenarios often include numbers. You should be able to interpret simple figures without inventing thresholds that are not provided in your course materials.

\[ \text{Concentration percentage} = \frac{\text{Value of position, issuer, sector, or product type}}{\text{Total account or portfolio value}} \times 100 \]\[ \text{Fee impact in dollars} = \text{Account value or transaction amount} \times \text{Applicable fee rate} \]\[ \text{Percentage change} = \frac{\text{New value} - \text{Original value}}{\text{Original value}} \times 100 \]

Compliance artifact checklist

For each artifact, be ready to answer: What is it for? Who reviews it? What deficiency would matter? What happens if it is missing or inaccurate?

Common weak areas and traps

High-yield “can you explain the difference?” prompts

If you cannot clearly distinguish these pairs, review before doing more practice questions.

Final-week checklist

Knowledge consolidation

• I can describe the purpose of each major compliance control in one or two sentences.
• I can identify who should act first in common scenarios.
• I can explain the difference between KYC, KYP, suitability, conflicts, disclosure, supervision, and documentation.
• I can apply compliance judgment without relying on exact exam weights or memorized chapter order.
• I have reviewed current Canadian Securities Institute CCC materials for terminology and any recent course-specific updates.

Scenario practice

• I have practiced mixed scenarios involving multiple issues, such as KYC plus AML plus suitability.
• I can spot when a question is testing documentation rather than the underlying rule.
• I can identify the best next step when several actions seem plausible.
• I can explain why an answer is wrong, not just why the correct answer is right.
• I have reviewed weak scenarios until I can state the rule, action, and evidence.

Exam-day readiness

• I know the official exam instructions and administrative requirements from the Canadian Securities Institute.
• I can manage time without rushing scenario stems.
• I will read for role, timing, client facts, product facts, approval status, and documentation.
• I will not assume facts that are not in the question.
• I will choose the answer that best protects clients, follows procedure, documents the decision, and escalates when needed.

Practical next step

After you can check most green boxes, move into mixed CCC practice questions. For every missed question, write a three-part correction: rule or concept, scenario trigger, and required compliance action or record. This turns the checklist into exam-ready judgment rather than passive recognition.