For IIROC-CIRO advisors whose portfolio synthesis runs through M365 Copilot and Excel Copilot.

Tonia keeps client positions and amounts on-site — never cross-border.

Tonia's Sovereign profile runs portfolio synthesis on-site, on a system installed in your firm: identifiable client positions, amounts, and performance stay in Québec, under your KMS key. The Frontier profile routes product or fund research (no client data) to a frontier-model provider. The locally signed audit log is what you produce at the IIROC-CIRO annual review, rather than something you reconstruct.

Regulatory framework

Loi 25 + sectoral duties

The financial-advisor or brokerage firm — whether an AMF-registered independent firm or a bancassurance subsidiary — operates under a triple regulatory layer: Bill 25 as a private entity, Regulation 31-103 on registration obligations, and the IIROC-CIRO Conduct Code (or the equivalent AMF-supervised obligations for non-IIROC advisors).

  • Loi 25, art. 5 + art. 17: collection limited to the advisory mandate; transfer outside Québec requires a documented art. 17 para. 2 assessment. Client positions, amounts under management, and individual performance are sensitive personal information (financial profiles).
  • Securities Act (CQLR, c. V-1.1): AMF, market supervision. Client-record retention duties (~7 years) apply, including to AI-assisted deliverables.
  • IIROC-CIRO Conduct Code: conflict-of-interest management, absolute client confidentiality, due-diligence duty in tool selection. It also mentions traceability of client communications.
  • Regulation 31-103 on registration obligations: registration, record-keeping, and internal-supervision duties. Any tool touching the client profile falls under supervision.
  • AMF, "Notice on the use of AI in financial services": recommends traceability of AI contributions in client communications, representative training, and art. 17 documentation for any transfer to a foreign provider.

The practical consequence is known to every firm that has deployed M365 Copilot or Excel Copilot on representative workstations: Copilot reads the open Excel file, which carries client positions, and sends the content to the model for synthesis. Without specific configuration (M365 Copilot Data Boundary Canada as a paid option), the transfer is undocumented, the art. 17 assessment has not been done, and the IIROC audit chain has to be reconstructed retroactively.

Use cases

Three typical AI use cases

Case 1 — Client-portfolio synthesis for review preparation

(position extraction, performance calculation, index comparisons, quarterly client-presentation prep). Most sensitive case: client positions, amounts under management, and individual performance are sensitive personal information whose leak would be a deontological breach and an AMF flag.

Case 2 — Product / fund research

(fund comparison, prospectus verification, structured-product research). Low sensitivity: the request ("Which Canadian large-cap equity funds carry less than 1.5% in fees?") contains no client data. This is the case where generative AI adds value without engaging confidentiality.

Case 3 — Client communications drafting

(quarterly letters, review presentations, opportunity memos). Sensitive if personalized with the client name, their amounts, or specific objectives. IIROC-CIRO diligence imposes traceability of every written client communication; an unsupervised AI tool makes that traceability fragile.

Posture

What Tonia solves — and what it does not

Case 1 (portfolio synthesis) → Sovereign profile, always.

The on-site tonia installed in the firm absorbs the full synthesis. Client positions, amounts, performance stay on-site; the local model produces the quarterly synthesis; no client data leaves the firm. Bill 25 art. 17 does not apply, for lack of transfer. The signed audit log documents every request for the IIROC-CIRO annual review.

Case 2 (product research) → Frontier profile.

The Frontier profile routes approved requests to a frontier-model provider. The request contains no client information; this profile gives access to a larger-capacity model and broader research.

Case 3 (client communications) → hybrid posture with redaction.

Personalized content is drafted locally on the on-site tonia (client name, amounts, objectives); the letter skeleton is generated on the Frontier profile from the redacted content; the final version is repersonalized on-site; the client send is traced in the local audit log. The representative can demonstrate to the IIROC-CIRO review that the client communication respected confidentiality.

What Tonia does not solve

  • Tonia does not replace AMF / IIROC-CIRO registration.
  • Tonia does not replace representative continuing education — a well-isolated AI tool can produce an out-of-mandate recommendation that engages civil liability.
  • Tonia does not replace the firm's conflict-of-interest policy: if AI is used to generate recommendations (in the IIROC sense), the policy must frame it and traceability must follow.
  • Tonia does not replace the internal validation process before client communication: the audit log proves the trace, not the approval.

Case study

Independent financial-advisor firm in Quebec City, 7 IIROC-CIRO advisors + 4 support, ~CA$650M AUM across ~280 high-net-worth individual clients, deployed under Tonia — Sovereign profile in Q3-2026. Near-mandatory anonymization. IIROC-CIRO validation referenced via the annual practice auditor.

The firm had been using M365 Copilot on all advisor workstations since 2024. The 2026 publication of the AMF Notice on AI in financial services and a syndic letter adjacent to a colleague triggered an internal review. The May audit found a default transfer of client positions to Microsoft US servers, without Data Boundary Canada activation, without a documented art. 17 assessment, and with an IIROC audit chain that would have to be reconstructed retroactively.

Switch in Q3-2026: on-site tonia in the firm's server room, capacity sized for the quarterly peak (client-review preparation at quarter-end). Policy configured by the PRPRP with the compliance director. 2-h training of the 7 advisors + 1-h training of the 4 support staff. Internal procedure: every portfolio synthesis for client review is marked with a signed audit entry; the final client letter attaches the audit reference to its send.

Metrics surfaced

  • portfolio syntheses executed on-site per quarter
  • client letters with documented AI contribution
  • BLOCK event count (sectoral PII patterns — identifying amounts, advisor's corporate client NEQs)
  • compliance-review rate before send (should remain 100%)

Want to see how this applies to your firm? Start with the free Loi 25 audit, then request a 30-min consultation. We will review your three use cases, AMF or IIROC-CIRO obligations, and on-site tonia sizing if your context calls for it.

Disclosure notice: this page is editorial and reflects Tonia's commercial position. Regulatory references are verifiable at the indicated links. Before acting, validate the obligations specific to your organization with your counsel.