Membership scrutiny and stricter IT expectations hit crypto platforms – CIRO audit: CSA finds crypto & cloud compliance risks. Specifically, the report highlights three medium-priority findings in CIRO’s operations and separately outlines expectations for improvements to certain policies and procedures.
Want your trades to actually mean something this month? Join the WWFC challenge and trade your way into the top. We’ve already got the team set up — all you need to do is register, trade and go for a piece of the $900K prize pool.
CERTS: Lack of a Full Independent Assessment of Internal Controls
The first finding concerns the lack of a full independent assessment of the internal control system of the Continuing Education Reporting and Tracking System (CERTS).
According to T&C 19(2) of the appendices to the Recognition Orders, CIRO is required to submit, once every two years, a report prepared by a qualified party by established audit standards. The report must confirm the existence of adequate internal controls, including the integration of CERTS into business continuity and disaster recovery plans.
CIRO submitted two penetration test reports on the CERTS system, but…
