PDO — CSI Partners, Directors and Senior Officers Course Quick Review

Last revised: June 17, 2026

Quick review for the Canadian Securities Institute PDO exam: governance, supervision, compliance, risk, conflicts, AML, privacy, conduct, and practice strategy.

Quick Review for PDO Candidates

Use this page as a fast, independent review companion for the Canadian Securities Institute CSI Partners, Directors and Senior Officers Course (PDO), exam code PDO. It is designed for candidates who already have the course material and want to consolidate the most testable ideas before working through topic drills, mock exams, and detailed explanations.

The PDO mindset is not “memorize isolated rules.” It is: who is accountable, what risk is present, what control should exist, what must be escalated, and how should the firm protect clients, markets, and regulatory integrity?

PDO Exam Mindset: What the Best Answer Usually Does

In scenario questions, the strongest answer usually:

Protects clients and market integrity first.
Recognizes senior accountability. Delegation is allowed; abdication is not.
Stops or controls questionable conduct promptly.
Escalates to the correct person or function.
Documents the facts, decision, rationale, and follow-up.
Fixes the root control weakness, not just the immediate symptom.
Avoids “disclosure only” answers where a conflict, suitability issue, AML concern, or market conduct issue needs stronger action.

Common weak answers include: “wait and see,” “let the representative handle it,” “accept the client’s consent without analysis,” “ignore because revenue is high,” “handle informally,” or “document after the fact only if questioned.”

High-Yield PDO Topic Map

Area	What to Review	Typical Exam Cue	Strong Answer Pattern
Governance and accountability	Duties of partners, directors, senior officers, executives, supervisors	Senior person “was not directly involved”	Oversight still matters; assess delegation, reporting, monitoring, and escalation
Regulatory framework	Securities regulators, SRO rules, market integrity rules, federal compliance areas	Which rule source applies?	Identify the highest applicable standard and current course rule reference
Registration and proficiency	Approved persons, registration categories, fitness, proficiency, disclosures	Unregistered activity or new role	Do not permit activity until approved/qualified; supervise and update records
Compliance system	Policies, testing, supervision, CCO/UDP-style accountability, reporting	Policy exists but is not followed	Train, monitor, test, escalate, document, remediate
Supervision	Branch, account, trade, product, complaint, and employee supervision	Red flags ignored by supervisor	Escalate; increase supervision; investigate pattern, not just one event
KYC/KYP/suitability	Client profile, product knowledge, recommendations, concentration, leverage	“Client insisted” or signed waiver	Suitability analysis still required; disclosure does not cure unsuitable advice
Conflicts of interest	Identify, control, avoid, disclose, monitor	Proprietary products, referral fees, outside activities	Manage in client interest; avoid if material conflict cannot be controlled
Market integrity	Manipulation, insider information, frontrunning, client priority, best execution	Suspicious orders or MNPI	Stop, restrict, escalate, review records, apply barriers/reporting process
Financial and operations controls	Capital, custody, books, records, reconciliations, reporting	“Back-office issue”	Treat as regulatory risk; fix controls and accountability
AML, sanctions, privacy, cyber	Client ID, beneficial ownership, suspicious activity, records, safeguards	Unusual transactions or information misuse	Follow policy, escalate, avoid tipping off, protect data
Complaints and enforcement	Complaint intake, investigation, reporting, discipline	Private settlement or informal complaint	Preserve records, investigate objectively, respond through approved process

Governance and Senior Accountability

PDO candidates should be comfortable distinguishing oversight, management, and front-line execution. Senior people are not expected to personally perform every control, but they are expected to ensure an effective control framework exists.

Core Governance Rule

A senior person may delegate tasks, but remains accountable for ensuring the task is delegated to qualified people, with clear authority, adequate resources, monitoring, escalation, and documentation.

Role or Function	Core Exam Focus	Common Trap
Partners/directors	Governance, oversight, strategic risk, conflicts, culture, major controls	Thinking the board must run daily operations
Senior officers/executives	Implementation, resources, supervision, tone from the top	Claiming ignorance when warning signs existed
Ultimate senior accountability roles	Overall compliance culture and reporting structure	Treating compliance as “only the CCO’s job”
Chief compliance function	Policies, monitoring, advice, escalation, reporting	Confusing advice/monitoring with business-line ownership
Supervisors/branch managers	Daily conduct, trade/account supervision, exception handling	Ignoring red flags from high producers
Registered representatives/advisors	Client-facing conduct, KYC, suitability, disclosure, fair dealing	Assuming client consent removes regulatory duties
Operations/finance	Records, reconciliations, capital, custody, reporting	Treating operational control failures as non-compliance issues

Delegation Checklist

A delegation answer is strong only if it includes:

Competent delegate with proper registration, proficiency, and experience.
Clear mandate: what authority is granted and what is not.
Written policies and procedures.
Supervision and exception reporting.
Escalation path for breaches, complaints, conflicts, and unusual activity.
Evidence: minutes, approvals, reviews, testing results, and remediation records.

Regulatory Framework Quick Sort

The PDO exam may test whether you know which regulatory lens to apply. Use current CSI course material for exact rule references, terminology, and updates.

If the Scenario Mentions…	Think About…	Exam Decision Point
Registration, proficiency, KYC, conflicts, supervision	Securities legislation and registration/compliance rules	Is the person or firm properly approved and supervised?
Investment dealer conduct, books and records, complaints, margin, supervision	CIRO dealer/member rules in current materials	Does the firm’s policy meet SRO expectations?
Marketplace trading, order handling, manipulation, insider-type conduct	Market integrity rules, including UMIR concepts where applicable	Should the order/trading be stopped, reviewed, or escalated?
Disclosure documents, prospectus exemptions, offering materials	Securities law disclosure and misrepresentation risk	Is the disclosure accurate, complete, and appropriate for the investor?
Suspicious funds, unusual transactions, beneficial owners, sanctions	AML/ATF, sanctions, and financial crime controls	Should the activity be escalated under the firm’s AML process?
Personal information, client files, cyber incident	Privacy, confidentiality, and information security	Was information collected, used, shared, and protected properly?
Fraud, forgery, theft, market abuse	Enforcement, discipline, possible criminal/regulatory implications	Preserve records, escalate, investigate, and report where required

Registration, Proficiency, and Fitness

Registration questions often turn on whether the person is approved for the activity and whether the firm is properly supervising them.

Key Review Points

Do not allow individuals to perform registrable activities unless they are properly registered, approved, and supervised.
Registration is tied to role, activity, firm, jurisdiction, and conditions.
Fitness generally includes integrity, competence, solvency, and conduct history.
Material changes, outside activities, conflicts, disciplinary issues, financial problems, or criminal/regulatory matters may require internal escalation and regulatory updates under current rules.
Titles and marketing descriptions must not mislead clients about registration status, expertise, or authority.

Common Registration Traps

Trap	Why It Is Wrong
“They passed a course, so they can advise immediately.”	Proficiency alone is not the same as registration/approval.
“They are only helping a few clients temporarily.”	Temporary activity can still be registrable and supervised.
“The activity is outside the firm, so the firm has no concern.”	Outside activities can create conflicts, client confusion, and reputational risk.
“The client is sophisticated, so registration rules matter less.”	Client sophistication does not eliminate registration requirements.
“The title is just marketing.”	Titles can mislead and may imply unapproved expertise or authority.

Compliance System and Supervision

A firm’s compliance system should not be a binder on a shelf. PDO questions often test whether the system is designed, implemented, tested, and improved.

Supervision Control Cycle

Stage	What It Means	Evidence to Look For
Policy	Written standard for the activity	Manual, procedures, approval matrix
Training	People understand the requirement	Training logs, attestations, refreshers
Pre-approval	Higher-risk activity is reviewed before execution	New product approvals, outside activity approvals
Monitoring	Ongoing review of activity and exceptions	Trade reviews, surveillance reports, branch reviews
Escalation	Issues reach the right level quickly	Escalation logs, compliance memos
Investigation	Facts are gathered objectively	Interview notes, account review, trade blotter
Remediation	Root cause is fixed	Revised controls, discipline, client remediation
Testing	Controls are independently checked	Audit/compliance testing reports

Red Flags Requiring Escalation

Repeated unsuitable trades or concentration issues.
Unauthorized trading or discretionary activity without proper authority.
Pre-signed forms, altered documents, forged signatures, or backdated records.
Outside activities, referral arrangements, or personal financial dealings with clients.
Complaints, even if verbal or “minor.”
Suspicious transactions, unexplained source of funds, or sanctions concerns.
Trading ahead, insider information concerns, or suspicious order patterns.
High-producing representative with many exceptions.
Vulnerable client concerns, financial exploitation indicators, or unusual third-party influence.
Margin deficiencies, unresolved breaks, capital pressure, or reporting concerns.

KYC, KYP, and Suitability

KYC, KYP, and suitability are connected. A recommendation cannot be properly assessed unless the firm understands both the client and the product.

KYC Review Table

KYC Element	Why It Matters	Common Trap
Investment objectives	Determines purpose and acceptable strategy	Vague objectives like “growth and income” without detail
Risk tolerance	Client’s willingness to accept volatility/loss	Treating aggressive product choice as proof of tolerance
Risk capacity	Client’s financial ability to absorb loss	Confusing wealth with capacity for concentrated loss
Time horizon	Determines liquidity and volatility tolerance	Recommending illiquid products for short-term needs
Financial circumstances	Income, net worth, liquidity, debt, obligations	Ignoring leverage or cash-flow stress
Investment knowledge	Affects explanation and product complexity	Assuming professional status equals product understanding
Tax and liquidity needs	Affects suitability and account strategy	Ignoring tax impact or withdrawal needs
Concentration	Measures exposure to issuer, sector, strategy, product type	Treating each trade as suitable in isolation
Use of leverage	Magnifies gains and losses	Relying on signed risk disclosure only

KYP Review Table

Product Feature	Question to Ask
Structure	How does the product work, and what drives return?
Risk	What can go wrong, and under what market conditions?
Liquidity	Can the client exit, at what cost, and when?
Costs	What fees, embedded compensation, spreads, or penalties apply?
Complexity	Can the representative and client understand it?
Leverage	Does it multiply exposure or downside?
Conflicts	Is the firm, issuer, representative, or affiliate benefiting?
Target investor	For whom is this product appropriate or inappropriate?
Disclosure	Are risks and limits clear, accurate, and not misleading?

Suitability Decision Rules

“The client asked for it” is not a complete suitability answer.
A signed risk acknowledgment does not make an unsuitable recommendation suitable.
Suitability should consider the whole account, not only one trade.
Concentration, liquidity, leverage, time horizon, and risk capacity are frequent exam triggers.
If KYC information is stale, incomplete, or inconsistent, update it before relying on it.
If the representative does not understand the product, the recommendation is suspect.
If a product cannot be explained clearly, it is a red flag for retail suitability.

Conflicts of Interest

PDO questions often test whether the candidate recognizes that disclosure alone may not be enough. The stronger answer is to identify the conflict, assess materiality, avoid or control it where needed, disclose clearly where appropriate, and monitor the result.

Conflict Review Table

Conflict	Risk	Strong Response
Proprietary product recommendation	Firm revenue may influence advice	Compare alternatives, disclose, supervise, ensure suitability
Referral fee	Client may not understand compensation link	Written disclosure, approval, monitoring, suitability maintained
Outside business activity	Client confusion, divided loyalty, undisclosed compensation	Pre-approval, conflict review, restrictions or prohibition
Personal lending/borrowing with client	Undue influence, exploitation, repayment dispute	Usually avoid or prohibit except limited approved cases
Gifts and entertainment	Influence or appearance of influence	Apply policy limits, approval, records
Allocation of scarce securities	Favouritism, unfair treatment	Fair allocation policy and documentation
Research and investment banking	Pressure on objectivity	Information barriers and conflict controls
Personal trading	Front-running or misuse of information	Pre-clearance, restricted lists, monitoring
Compensation grids/sales contests	Incentive to recommend unsuitable products	Review incentives, disclosure, supervision, redesign if needed
Related issuer/connected issuer	Disclosure and suitability concerns	Clear disclosure and enhanced review

Conflict Traps

Assuming “the client signed” resolves the conflict.
Disclosing a conflict in technical language the client is unlikely to understand.
Letting the conflicted person approve their own conduct.
Treating a recurring conflict as a one-time issue.
Ignoring conflicts because the product performed well.
Forgetting that conflicts can be actual, potential, or perceived.

Market Integrity and Trading Conduct

Market conduct questions usually require fast recognition of red-flag trading behaviour. The safest answer often involves stopping the activity, restricting trading, escalating to compliance/supervision, preserving records, and following the firm’s reporting process.

Conduct	Why It Is a Problem	Strong Response
Trading on material non-public information	Unfair market advantage and serious regulatory risk	Do not trade or tip; restrict and escalate
Tipping	Passing confidential material information to others	Stop communication, document, escalate
Front-running	Trading ahead of client or firm information	Review records, restrict, escalate
Manipulative orders	Creates false or misleading market activity	Stop orders, investigate, report as required
Wash trades or matched orders	Artificial activity or price	Surveillance and escalation
Marking the close/open	Artificially influencing benchmark price	Escalate market conduct concern
Spoofing/layering-type patterns	Non-bona fide order activity	Review intent and order pattern; escalate
Ignoring client priority	Unfair treatment of client orders	Apply priority and allocation rules
Poor best execution review	Client may receive inferior execution	Review routing, execution quality, policies
Inadequate information barriers	Confidential information may leak	Reinforce barriers, restrict lists, training

Insider Information Decision Rule

Ask four questions:

Is the information material? Would it reasonably affect price or an investment decision?
Is it non-public? Has it been broadly disseminated?
Is the person in a special or confidential relationship? Consider employment, advisory, deal, issuer, or tipper relationships.
Is trading, recommending, or communicating occurring? If yes, stop and escalate.

Do not choose an answer that allows trading simply because “the client wants to act quickly” or because “the information will be public soon.”

Product, Margin, Leverage, and Credit Risk

Senior officers and supervisors must understand how product and credit risks connect to client protection and firm risk.

Product Approval and Ongoing Review

A strong product governance process considers:

Product structure and payoff.
Issuer, counterparty, liquidity, and valuation risk.
Target market and unsuitable client profiles.
Costs, compensation, and conflicts.
Required representative training.
Required client disclosure.
Supervision and exception reporting.
Stress scenarios and liquidity events.
Ongoing monitoring after launch.

Leverage and Margin Traps

Trap	Better PDO Answer
“The client is wealthy, so leverage is suitable.”	Assess risk capacity, knowledge, liquidity, objectives, and downside.
“The client signed the leverage disclosure.”	Disclosure is not a substitute for suitability.
“The account is profitable, so supervision is fine.”	Suitability and risk controls are assessed independently of outcome.
“Margin deficiency can wait because the client is important.”	Apply firm and regulatory requirements consistently.
“The representative understands the product.”	The client’s profile and understanding still matter.

Financial, Operations, Books, and Records

PDO candidates sometimes under-review operations. That is a mistake. Operations failures can become compliance, client asset, reporting, capital, and enforcement issues.

Control Area	Why It Matters	Red Flags
Capital and liquidity	Firm must remain financially sound	Unexplained losses, late reporting, pressure to defer issues
Custody and segregation	Protects client assets	Reconciliation breaks, unexplained transfers
Books and records	Supports supervision and regulatory review	Missing approvals, backdated notes, incomplete files
Reconciliations	Detects errors, fraud, and control gaps	Repeated unresolved breaks
Trade processing	Accurate settlement and client reporting	Manual overrides, failed trades, allocation errors
Fee and compensation systems	Prevents billing and conflict issues	Undisclosed fees, incorrect rates
Vendor and outsourcing controls	Firm remains accountable for outsourced functions	No due diligence, weak service-level monitoring
Business continuity	Maintains critical services during disruption	Untested plans, key-person dependency

Records Rule of Thumb

If a firm cannot show what happened, who approved it, why it was reasonable, and how exceptions were handled, the exam answer should treat that as a control failure.

AML, Sanctions, Privacy, and Cybersecurity

Financial crime and information protection topics are often tested through red flags. Use the current CSI material for exact obligations, reporting steps, and timing.

AML/ATF Review Points

An effective AML/ATF control environment generally includes:

Client identification and verification processes.
Beneficial ownership and control understanding.
Third-party determination where relevant.
Risk-based client and transaction monitoring.
Enhanced review for higher-risk clients or activity.
Suspicious activity escalation.
Sanctions screening and escalation.
Training, testing, and recordkeeping.

AML Red Flags

Client refuses to provide basic identification or ownership information.
Transactions inconsistent with known business or financial profile.
Unusual movement of funds with no clear economic purpose.
Frequent deposits and withdrawals without investment rationale.
Use of third parties without explanation.
Pressure to avoid normal documentation.
Jurisdictions, entities, or counterparties raising sanctions or financial crime concerns.
Client appears to be acting on behalf of an undisclosed person.

Exam trap: Do not alert the client in a way that could compromise a suspicious activity review. Escalate through the firm’s approved AML process.

Privacy and Cybersecurity Review Points

Topic	What the Exam May Test
Confidentiality	Client information should be accessed and shared only for proper purposes
Consent and purpose	Information collection/use should match legitimate business needs
Safeguards	Physical, administrative, and technical controls matter
Breach response	Escalate quickly; preserve facts; follow incident process
Remote work	Secure devices, approved channels, no informal file sharing
Vendor risk	Outsourcing does not remove firm accountability
Cyber incident	Treat as operational, client, legal, and regulatory risk

Complaints, Investigations, and Enforcement

Complaint questions often turn on whether the issue is handled through a formal, objective, documented process.

Complaint Handling Principles

Treat complaints seriously, including verbal or informal complaints.
Preserve emails, notes, recordings, order records, forms, and account history.
Do not allow the subject of the complaint to control the investigation.
Assess whether supervision failed, not just whether one representative acted badly.
Communicate through approved channels.
Consider client remediation where appropriate.
Escalate and report according to current firm and regulatory requirements.
Watch for repeat patterns involving the same representative, branch, product, or supervisor.

Enforcement-Style Red Flags

Altered documents or forged signatures.
Private settlements outside firm process.
Destroyed or missing records.
Retaliation against complainants or whistleblowers.
Misleading regulators, auditors, or compliance staff.
Failure to supervise known issues.
Repeat exceptions without discipline or remediation.
Senior management ignoring compliance warnings.

Scenario Triage Framework: A.C.T.E.D.

Use this framework when a PDO question gives you a messy fact pattern.

Step	Ask	What to Do
A — Assess facts and role	Who knew what, when, and what authority did they have?	Identify accountable persons and missing facts
C — Control immediate risk	Is there client harm, market abuse, AML risk, privacy breach, or financial exposure?	Stop, restrict, freeze process, or prevent further harm where appropriate
T — Tie to rule/policy	Which regulatory, firm, or supervisory standard applies?	Apply current course rule concepts and firm procedures
E — Escalate and document	Who must know? What record is needed?	Notify supervisor/compliance/senior management/AML/privacy as applicable
D — Design remediation	What caused the problem?	Fix training, systems, supervision, incentives, discipline, or controls

When Two Answers Look Plausible, Prefer the One That…

Escalates earlier rather than later.
Uses independent review rather than self-review.
Protects the client rather than revenue.
Addresses root cause rather than only the immediate transaction.
Documents contemporaneously rather than after discovery.
Applies policy consistently rather than making exceptions for top producers.
Recognizes reputational and regulatory risk, not just legal minimums.

Common PDO Candidate Mistakes

Delegation mistake: Believing a senior officer is safe because a subordinate handled the file.
Disclosure mistake: Treating disclosure as a universal cure for conflicts or unsuitable recommendations.
Outcome bias: Assuming profitable trades prove suitability.
Client-consent mistake: Assuming a client can waive core regulatory protections.
Sophistication mistake: Assuming wealthy or institutional clients eliminate all conduct concerns.
Documentation mistake: Choosing an answer with action but no record.
Escalation mistake: Keeping serious issues within the sales branch.
Policy-only mistake: Assuming a policy is effective without training, testing, and enforcement.
Revenue bias: Giving high producers more flexibility on compliance.
Privacy mistake: Treating client data as available to anyone in the firm.
AML mistake: Asking the client suspicious questions in a way that could tip them off.
Complaint mistake: Ignoring a complaint because it was verbal, emotional, or withdrawn.
Market conduct mistake: Treating suspicious trading as acceptable because the order came from a client.
Product mistake: Recommending complex products without representative and client understanding.
Leverage mistake: Relying only on a signed margin or leverage form.
Conflict mistake: Allowing conflicted people to approve their own activities.
Operations mistake: Dismissing reconciliations, records, or custody issues as “back office only.”
Cyber mistake: Treating cybersecurity as an IT issue rather than a firm governance issue.
Registration mistake: Confusing course completion with approval to act.
Supervision mistake: Reviewing isolated exceptions without looking for patterns.

Quick Self-Test Scenarios

Use these prompts before starting your next question bank session. For each one, decide: issue, accountable person, immediate action, escalation, documentation, remediation.

Scenario	Best Answer Pattern
A top producer repeatedly submits corrected KYC forms after trades.	Investigate pattern, review suitability, escalate, retrain/discipline, improve controls.
A representative wants to trade after hearing confidential issuer news.	Do not trade or tip; restrict and escalate to compliance.
A client complains verbally about unauthorized trades but refuses to write a letter.	Treat as a complaint; document, investigate, preserve records, follow complaint process.
A new high-commission product is being pushed to retirees.	Conduct KYP/product review, conflict review, suitability controls, training, supervision.
A branch manager ignores repeated exception reports because the advisor is profitable.	Escalate supervisory failure; review branch controls and management accountability.
A client sends funds from unrelated third parties with vague explanations.	Escalate under AML process; review client profile and source-of-funds concerns.
A director learns of unresolved reconciliation breaks.	Treat as governance/control issue; require investigation, reporting, remediation.
A representative borrows money from an elderly client.	Conflict/exploitation concern; escalate, investigate, protect client, apply policy.
Marketing uses a title implying expertise not actually approved.	Stop or revise communication; review registration/title rules and approval process.
Client accepts full risk of a concentrated leveraged strategy.	Suitability still required; assess risk capacity, concentration, leverage, documentation.

Last-Week Review Plan

Time Available	What to Do
30 minutes	Review the high-yield topic map and common traps. Mark weak areas.
60 minutes	Do one focused topic drill on governance/supervision and one on client conduct. Review every explanation.
2 hours	Complete mixed questions, then build an error log by topic and mistake type.
Half day	Rotate: quick notes review, topic drills, detailed explanations, then a timed mixed set.
Final day	Focus on error log, red flags, escalation rules, and scenario triage. Avoid learning entirely new detail unless it is repeatedly missed.

Error Log Categories

Track missed questions under these headings:

Governance/accountability.
Registration/proficiency.
Supervision.
KYC/KYP/suitability.
Conflicts.
Market integrity.
AML/privacy/cyber.
Complaints/enforcement.
Financial/operations controls.
“I knew it but chose the weaker action.”

That last category is important. Many PDO misses happen because the candidate recognized the issue but chose a passive or incomplete response.

Final PDO Checklist

Before you move into mock exams, make sure you can explain:

Why delegation does not remove senior accountability.
How to identify the accountable person in a scenario.
When to escalate to compliance, senior management, AML, privacy, or supervision.
Why disclosure alone may be insufficient for conflicts.
How KYC, KYP, and suitability connect.
Why concentration and leverage are high-risk suitability factors.
How to respond to insider information or suspicious trading.
Why verbal complaints still matter.
How records, reconciliations, and operations controls affect compliance.
Why AML concerns must follow approved escalation procedures.
How cybersecurity and privacy incidents become governance issues.
How to choose the answer that protects clients, markets, and firm integrity.

Practical Next Step

Use this Quick Review to identify your weakest PDO areas, then move into original practice questions with targeted topic drills, timed mixed sets, and detailed explanations. Focus especially on scenario questions where the correct answer requires supervision, escalation, documentation, and remediation—not just rule recognition.

Financial Compliance Consequences

Free Practice Exam