Keep good records to protect your reputation | Financial Services Regulatory Authority of Ontario

As a professional, your reputation is key to protecting and growing your business.

And one of the best ways to do this is by maintaining effective records.

This helps safeguard you from investigations, lawsuits and complaints.

Taking these steps also helps promote consumer confidence in the mortgage brokering sector which makes consumers more likely to use your services.

Maintaining effective records

The first step is to create and implement clear policies and procedures at the brokerage or administrator level
Every agent, broker and staff member must then follow these policies
Brokerages and administrators must also ensure that the right individuals have access to the appropriate records, throughout the prescribed retention period, in a way that protects against falsification or data breaches.
All relevant records must be maintained for 6 years past the expiry date of the transaction. For example, a 5-year mortgage term arranged in 2025 requires its records to be kept until 2036. This applies to documentation for mortgage financing and for the purchase/sale/trade of mortgage investments.
If there is no expiry date, or if the file does not result in a completed transaction (e.g., unfunded loans), documentation must be kept for 6 years from the date it was created.

Which records to keep

An adequate record for a mortgage transaction must include relevant correspondence such as emails, summaries of phone conversations, text messages, letters, etc.

One way to determine whether you’ve kept appropriate documentation is if another agent or broker could take the records and explain the product recommendation without any additional assistance or direction.

But if you’re keeping only the minimum information required to fund a mortgage, the records will not provide the full picture or show the decision-making process.

Therefore, record-keeping policies and processes should be designed to achieve a final document package that meets the technical record-retention requirements while also providing a document-based narrative of what was done, and why.

Access and security

Principal brokers and administrators must have consistent and reliable access to all transaction records – including an agent or broker’s email correspondence with clients relating to mortgage transactions. This is true whether you are using a company-managed email solution or your own email on a platform like Gmail, Yahoo or Hotmail.

You are required to assist your firm in complying with its regulatory obligations, including providing all required documentation. Remember – it’s an offence under the Act if you knowingly do (or don’t do) something that causes your brokerage to be non-compliant.

Brokerages who allow personal email systems

If you are a principal broker permitting the use of personal email systems for business activities, you must arrange controls and agreements with agents and brokers to ensure the brokerage’s access to relevant documentation is safeguarded and accessible throughout the retention period – even if that agent or broker transfers to another company or exits the business.

Both physical and electronic copies of documentation must be safeguarded to prevent document falsification or data breaches.
Be sure to also review the safety and privacy agreements in place with your storage provider to ensure that documents are safe.