Securities Law & Instruments

PDF Version

PDF Version

 

CSA Notice and Request for Comment

Proposed Amendments to
National Instrument 52-108 Auditor Oversight and Proposed Changes to Companion Policy 52-108 Auditor Oversight

 

October 3, 2019

Introduction

The Canadian Securities Administrators (the CSA or we) are publishing for a 90-day comment period the following materials:

• Proposed Amendments to National Instrument 52-108 Auditor Oversight (the Proposed Amendments);

• Proposed Changes to Companion Policy 52-108 Auditor Oversight (the Proposed CP Changes);

(collectively, the Proposed Revisions).

The Proposed Amendments require actions by reporting issuers and participating audit firms that will assist the Canadian Public Accountability Board (CPAB) in accessing audit working papers of component auditors, particularly in certain foreign jurisdictions.

The Proposed CP Changes provide guidance on how we will interpret and apply the Proposed Amendments.

The text of the Proposed Revisions is contained in Annexes A and B of this Notice. Local amendments, if any, are in Annex C of this Notice. This Notice will also be available on the websites of CSA jurisdictions, including:

www.bcsc.bc.ca
www.albertasecurities.com
www.fcaa.gov.sk.ca
www.mbsecurities.ca
www.osc.gov.on.ca
www.lautorite.qc.ca
www.fcnb.ca
nssc.novascotia.ca

Substance and Purpose

The Proposed Revisions aim to respond to challenges CPAB has had in getting access to inspect audit work performed by an audit firm in a foreign jurisdiction that forms part of the audit evidence supporting an auditor's report issued by a participating audit firm (a PAF). An audit firm performing such audit work is commonly referred to as a 'component auditor'.

The Proposed Amendments require a reporting issuer to direct a component auditor that meets significant thresholds (a significant component auditor) to enter into an agreement with CPAB governing access for file inspection (a CPAB access agreement) if the component auditor does not voluntarily provide access to CPAB, upon request, to inspect the audit work it has performed for a reporting issuer audit. If, despite such request, the component auditor does not enter into a CPAB access agreement, a PAF would, after a prescribed period of time for transition, not be permitted to use the audit firm as a significant component auditor.

Background

Several reporting issuers have operations in foreign jurisdictions that differ from the jurisdictions where their head offices are located. This may present challenges for the reporting issuer's auditor due to different languages, laws and business practices in a foreign jurisdiction. In responding to those challenges, a PAF may ask a component auditor to perform work that forms part of the audit evidence supporting the PAF's auditor's report. A component auditor could be a member of the PAF's international network, or an unrelated foreign or domestic audit firm.

If a PAF decides to use the work of a component auditor, the PAF must comply with Canadian Auditing Standard 600 Special Considerations -- Audits of Group Financial Statements (Including the Work of Component Auditors) (CAS 600), which specifies that the PAF is responsible for the direction, supervision and performance of the overall audit. Although CAS 600 requires the PAF to document the type of work performed by a component auditor and the PAF's review of such work, there is no requirement for the PAF to retain in its files a copy of the work performed by the component auditor.

In order to assess whether sufficient audit evidence has been obtained to support the PAF's audit opinion, CPAB has determined that it needs access to a substantial portion of the audit work performed. However, CPAB has encountered some instances where a substantial portion of the audit work has been performed by a component auditor in a foreign jurisdiction, and CPAB was not allowed access to inspect such audit work.

CSA Consultation Paper 52-403 Auditor Oversight Issuers in Foreign Jurisdictions

In April 2017, we published a consultation paper asking for views on whether certain component auditors should be required to register with CPAB. In its comment letter, CPAB took the position that a registration requirement would provide it a legal basis to access audit working papers in most foreign jurisdictions, although there would continue to be a small number of foreign jurisdictions where barriers to access may not be resolved.

We also received responses from six audit firms.

While most firms were supportive of resolving CPAB's challenges in obtaining access, some questioned whether a registration requirement was needed. Some commented that, rather than registration, efforts should instead be made to develop an international solution with regulators and standard setters.

Most of the audit firms noted that, if some form of registration regime was to be introduced, then the focus should be on CPAB access to component auditor working papers. The regime should not include other oversight aspects applicable to a PAF, such as the inspection of an audit firm's system of controls. Some commenters also stated that some foreign laws would likely restrict access even if some form of registration was required.

The consultation paper also asked for views on whether it would be useful to require additional transparency about situations where CPAB has been prevented from inspecting the work of a PAF or component auditor. The commenters did not support a requirement for additional disclosure and noted concerns about the potential for disclosure to be misleading or misunderstood. Based on the responses received, we decided not to develop proposals of this nature.

Summary of the Proposed Amendments

The Proposed Amendments:

• introduce the definition of a significant component auditor, namely a component auditor that

• performs audit work involving financial information related to a component, whose activities the reporting issuer has the power to direct on its own or jointly with another person or company, and

• meets one of the quantitative metrics relating to hours of work, fees paid, or relative size of the component's assets or revenue;

• require a reporting issuer to take all reasonable steps to direct a significant component auditor to provide CPAB with access to inspect the records relating to the component auditor's audit work performed for a reporting issuer audit;

• require a reporting issuer to take all reasonable steps to direct a significant component auditor involved in the audit of its financial statements to enter into a CPAB access agreement if the reporting issuer receives a copy of a notice from its PAF stating that a significant component auditor has failed to provide CPAB access to inspect the significant component auditor's records related to audit work performed. A CPAB access agreement is a written agreement between CPAB and a significant component auditor governing access by CPAB to inspect the significant component auditor's records relating to audit work it has performed in relation to a component of a reporting issuer. The terms and conditions set out in a CPAB access agreement, including the manner and conditions for when access is to be provided, must be agreed to by CPAB and the significant component auditor;

• require a PAF to no longer use a public accounting firm as a significant component auditor after a prescribed period of time, if the PAF receives notice that the public accounting firm has failed to enter into a CPAB access agreement after being requested to do so by a reporting issuer.

Summary of the Proposed CP Changes

The Proposed CP Changes provide guidance on how we will interpret and apply the Proposed Amendments and include, among other things, illustrative examples of how to apply the quantitative metrics that form part of the definition of significant component auditor.

Anticipated Benefits and Costs of the Proposed Amendments

Benefits

Auditors play an important role in the capital markets by providing reasonable assurance that the annual financial statements filed by a reporting issuer are presented fairly in all material respects. To ensure that high quality audits are performed on the financial statements of reporting issuers, we are introducing securities requirements that will reduce the number of situations in which CPAB is not given access to inspect the work performed by component auditors to support audit opinions.

If adopted in their current form, the Proposed Amendments will create a legal requirement for a component auditor to enter into a CPAB access agreement if the component auditor has not provided access voluntarily. We expect that this requirement will address situations where a component auditor will only permit access to a component auditor's records if required by law.

The Proposed Amendments will also provide CPAB a tool to address situations where a significant component auditor prevents CPAB from inspecting its audit work for a reporting issuer audit despite there being no legal restriction.

Costs

If a significant component auditor voluntarily provides CPAB access to inspect its records related to audit work it has performed with respect to a reporting issuer audit, the Proposed Amendments would have no cost implications for a reporting issuer or its PAF.

If a significant component auditor does not voluntarily provide access but enters into a CPAB access agreement after being directed to do so by a reporting issuer, the cost implications are small for the reporting issuer and the PAF. Such costs relate to the requirements for a PAF to forward a notice from CPAB to specified parties, and the reporting issuer to direct the significant component auditor to enter into a CPAB access agreement.

If a significant component auditor fails to enter into a CPAB access agreement with CPAB after being requested to so by a reporting issuer, and the PAF can no longer use the firm as a significant component auditor, there would be a one-time cost for any reporting issuer and PAF that previously used that component auditor. Incremental costs may relate to efforts to identify a new significant component auditor or audit fees for work performed by a PAF or a new component auditor.

Authority for the Instrument

In Ontario, the rule-making authority for the Proposed Amendments is in paragraphs 13, 16, 22, 22.1, 25 and 39 of subsection 143(1) of the Securities Act (Ontario).

Alternatives Considered

In CSA Consultation Paper 52-403 we identified other potential alternatives, such as a more comprehensive component auditor registration requirement or the development of a disclosure-based regime that highlighted access restrictions. After considering the comments received, we concluded that the development of the Proposed Revisions would be an effective way to respond to restrictions that CPAB faces in inspecting audit work performed by component auditors.

Reliance on Unpublished Studies

In developing the Proposed Revisions, we are not relying on any significant unpublished study, report or other written material.

Request for Comments

We welcome your comments on the Proposed Revisions.

We invite comments on the following specific question:

1. The proposed definition of significant component auditor captures audit work on financial information related to a component, whose activities the reporting issuer has the power to direct on its own or jointly with another person or company. Are there specific limitations or concerns with the inclusion of components where the reporting issuer has power to directly jointly with another person or company? If so, please explain.

Deadline for Comments

Please submit your comments in writing on or before January 2, 2020. If you are not sending your comments by email, please send us an electronic file containing submissions provided (in Microsoft Word format).

Address your submission to all of the CSA as follows:

British Columbia Securities Commission
Alberta Securities Commission
Financial and Consumer Affairs Authority of Saskatchewan
Manitoba Securities Commission
Ontario Securities Commission
Autorité des marchés financiers
Financial and Consumer Services Commission (New Brunswick)
Superintendent of Securities, Department of Justice and Public Safety, Prince Edward Island
Nova Scotia Securities Commission
Securities Commission of Newfoundland and Labrador
Superintendent of Securities, Northwest Territories
Superintendent of Securities, Yukon Territory
Superintendent of Securities, Nunavut

Deliver your comments only to the addresses below. Your comments will be distributed to the other participating CSA.

The Secretary
Ontario Securities Commission
20 Queen Street West
19th Floor, Box 55
Toronto ON M5H 3S8
Fax: 416-593-2318
comments@osc.gov.on.ca
Me Philippe Lebel
Corporate Secretary and Executive Director, Legal Affairs
Autorité des marchés financiers
Place de la Cité, tour Cominar
2640, boulevard Laurier, bureau 400
Québec (Québec) G1V 5C1
Fax: 514-864-6381
consultation-en-cours@lautorite.qc.ca

Please refer your questions to any of the following:

British Columbia Securities Commission
Carla-Marie Hait, Chief Accountant and CFO, British Columbia Securities Commission
604-899-6726 | chait@bcsc.bc.ca
Anita Cyr, Associate Chief Accountant, British Columbia Securities Commission
604-899-6579 | acyr@bcsc.bc.ca
Alberta Securities Commission
Janice Anderson, Acting Chief Accountant and CFO, Alberta Securities Commission
403-297-2520 | janice.anderson@asc.ca
Ontario Securities Commission
Cameron McInnis, Chief Accountant, Ontario Securities Commission
416-593-3675 | cmcinnis@osc.gov.on.ca
Mark Pinch, Associate Chief Accountant, Ontario Securities Commission
416-593-8057 | mpinch@osc.gov.on.ca
Autorité des marchés financiers
Rosetta Gagliardi, Analyste expert à la réglementation, Autorité des marchés financiers
514-395-0337 Ext: 4365 | rosetta.gagliardi@lautorite.qc.ca

We cannot keep submissions confidential because securities legislation in certain provinces requires publication of the written comments received during the comment period. All comments received will be posted on the websites of each of the Alberta Securities Commission at www.albertasecurities.com, the Autorité des marchés financiers at www.lautorite.qc.ca and the Ontario Securities Commission at www.osc.gov.on.ca. Therefore, you should not include personal information directly in comments to be published. It is important that you state on whose behalf you are making the submission.

ANNEX A

PROPOSED AMENDMENTS TO NATIONAL INSTRUMENT 52-108 AUDITOR OVERSIGHT

1. National Instrument 52-108 Auditor Oversight is amended by this Instrument.

2. The following is added after Part 3:

PART 3.1

SIGNIFICANT COMPONENT AUDITOR'S WORKING PAPERS

Definitions

7.1 In this Part,

"component" has the same meaning as "component" in Canadian GAAS;

"component auditor" has the same meaning as "component auditor" in Canadian GAAS;

"CPAB access agreement" means a written agreement between CPAB and a significant component auditor governing access by CPAB in order to inspect the significant component auditor's records related to audit work it has performed in relation to a component of a reporting issuer;

"CPAB access-limitation notice" means a written notice issued by CPAB that a significant component auditor has failed to provide CPAB with access in order to inspect the significant component auditor's records related to audit work it has performed for a financial period;

"CPAB no-access notice" means a written notice issued by CPAB that a significant component auditor has failed to enter into a CPAB access agreement after being requested to do so by a reporting issuer;

"significant component auditor" means, with respect to a reporting issuer and its financial statements for a financial period, a component auditor that performs audit work involving financial information related to a component that the reporting issuer has the power to direct on its own or jointly with another person or company, if any of the following apply:

(a) the number of hours spent by the component auditor to perform the audit work in respect of the financial period is 20% or more of the total hours spent on the audit of those financial statements by the reporting issuer's auditor;

(b) the amount of fees paid to the component auditor for the audit work in respect of the financial period is 20% or more of the total fees paid to the reporting issuer's auditor for the audit of those financial statements;

(c) both of the following apply:

(i) the assets or revenues of the component are 20% or more of the reporting issuer's consolidated assets at the end of the financial period or consolidated revenues for that period:

(ii) the number of hours spent by the component auditor to perform the audit work in respect of the financial period exceeds 50% of the total hours spent on audit work relating to the component in connection with the audit of those financial statements.

Reporting Issuer to Direct Provision of Access

7.2

(1) If an audit of a reporting issuer's financial statements for a financial period involves audit work performed by a significant component auditor for the financial period, the reporting issuer must take all reasonable steps to direct the significant component auditor to provide CPAB with access in order to inspect the significant component auditor's records relating to that audit work.

(2) The direction referred to in subsection (1) must be made on or before the date of the auditor's report on the reporting issuer's financial statements referred to in subsection (1).

Failure to Voluntarily Provide Access to Inspect a Significant Component Auditor's Records

7.3

(1) If a participating audit firm receives a CPAB access-limitation notice, the participating audit firm must, not more than 5 business days following receipt of the notice, deliver a copy of the notice to

(a) the reporting issuer identified in the notice;

(b) the audit committee of that reporting issuer; and

(c) the regulator or securities regulatory authority for that reporting issuer.

(2) If a reporting issuer receives a copy of a CPAB access-limitation notice in respect of a significant component auditor, the reporting issuer must, not more than 5 business days following the receipt of the copy of the notice, take all reasonable steps to direct the significant component auditor to enter into a CPAB access agreement.

Failure of a Significant Component Auditor to Enter into a CPAB Access Agreement if Requested To Do So

7.4

(1) If a participating audit firm receives a CPAB no-access notice, the participating audit firm must, not more than 15 business days following receipt of the notice, deliver a copy of the notice to

(a) any reporting issuer audited by the participating audit firm where the public accounting firm identified in the notice was a significant component auditor for the reporting issuer's most recently completed financial period for which an auditor's report has been issued;

(b) the audit committee of each reporting issuer referred to in paragraph (a); and

(c) the regulator or securities regulatory authority for each reporting issuer referred to in paragraph (a).

(2) If a participating audit firm receives a CPAB no-access notice, the participating audit firm must not,

(a) subject to subsection (3), use the public accounting firm referred to in the notice as a significant component auditor in respect of an audit of any reporting issuer's financial statements for a financial period ending more than 180 days after the date of the notice, or

(b) in respect of an audit of a reporting issuer's financial statements for a period ending more than 180 days after the date of the notice, use any other public accounting firm as a significant component auditor in respect of a component of the reporting issuer, where audit work in the current or preceding year was done by the public accounting firm referred to in the notice, unless the other public accounting firm satisfies one or both of the following conditions and delivers a notice to that effect to the participating audit firm and CPAB at least 90 days before the issuance of an auditor's report in respect of that audit:

(i) the other public accounting firm gives an undertaking to CPAB in writing to provide CPAB with prompt access in order to inspect the other public accounting firm's records relating to audit work performed on financial information related to the component of the reporting issuer referred to in the definition of "significant component auditor" in section 7.1;

(ii) the other public accounting firm has entered into a CPAB access agreement in respect of the reporting issuer.

(3) Paragraph (2)(a) does not apply in respect of a financial period of a reporting issuer ending at any time if

(a) CPAB has notified the participating audit firm that the significant component auditor has entered into a CPAB access agreement in respect of the reporting issuer before that time; and

(b) CPAB has not, before that time, notified the participating audit firm that it has withdrawn from that CPAB access agreement..

3. Subsection 8(3) is amended by replacing "Except in Ontario" with "Except in Alberta and Ontario".

4. This Instrument comes into force on [•].

ANNEX B

PROPOSED CHANGES TO COMPANION POLICY 52-108CP AUDITOR OVERSIGHT

1. Companion Policy 52-108 Auditor Oversight is changed by this Document.

2. The following is added at the end of the Companion Policy:

Section 7.1 -- Definition of Component and Component Auditor

The terms "component" and "component auditor" have the same meaning as "component" and "component auditor" in Canadian GAAS. As a result, the terms are interpreted in a manner consistent with how the terms are used in Canadian Audit Standard 600 Special Considerations -- Audits of Group Financial Statements (Including the Work of Component Auditors) (CAS 600).

In CAS 600, the term "component" means an entity or business activity for which a group or component management prepares financial information that should be included in the group financial statements, and the term "component auditor" means an auditor who, at the request of the group engagement team, performs work on financial information related to a component for the group audit.

Section 7.1 -- Definition of CPAB Access Agreement

The Instrument does not prescribe the content to be included in a CPAB access agreement. It is not intended to be equivalent to a "participation agreement". The terms and conditions set out in a CPAB access agreement, including the manner and conditions for when access is to be provided, will be agreed to by CPAB and the significant component auditor.

Section 7.1 -- Definition of Significant Component Auditor

A component controlled or jointly controlled by a reporting issuer

The definition of significant component auditor refers to a component auditor that performs work on financial information related to a component of a reporting issuer that the reporting issuer has the power to direct on its own or jointly with another person or company. Financial information related to a component that a reporting issuer does not have power to direct, at least jointly, is excluded from the definition.

For example, under IFRS, a subsidiary or joint arrangement are captured by the reference noted above in the significant component auditor definition, whereas an investment that is accounted for using the equity method of accounting, or a variable interest entity that a reporting issuer does not have power to direct on its own or jointly with another person or company, is not captured.

Determination of what constitutes an 'audit hour' or 'audit fee'

The term 'hours' in this Instrument refers to 'audit hours' and is intended to include any hours that are billed in respect of a financial period as 'audit fees' or 'audit-related fees', as those terms are described in Forms 52-110F1 Audit Committee Information Required in an AIF and 52-110F2 Disclosure by Venture Issuers (52-110 Forms).

The term 'fees' in this Instrument is intended to include any fees that are billed in respect of a financial period as 'audit fees' or 'audit-related fees', as those terms are described in the 52-110 Forms.

Determination of percentage of audit hours spent by a component auditor on a financial statement audit

Paragraph (a) in the definition of significant component auditor applies if the number of hours spent by the component auditor to perform the audit work in respect of the financial period is 20% or more of the total hours spent on the audit of the reporting issuer's financial statements by the reporting issuer's auditor.

For example, if a reporting issuer audit took 100 hours to complete, and the reporting issuer's auditor performed 80 hours of audit work, and the component auditor performed 20 hours of audit work, paragraph (a) of the definition would apply since the hours spent by the component auditor would be 25% (20 hours / 80 hours) of the audit hours spent by the reporting issuer's auditor.

Determination of percentage of audit fees paid to a component auditor for the financial statement audit

Paragraph (b) of the definition of significant component auditor applies if the amount of fees paid to the component auditor for the audit work in respect of the financial period is 20% or more of the total fees paid to the reporting issuer's auditor for the audit of the reporting issuer's financial statements.

For example, if a reporting issuer paid $100,000 for the audit of its financial statements, and $80,000 of the fee was paid to the reporting issuer's auditor for its audit work, while $20,000 of the fee was paid to the component auditor for its audit work, paragraph (b) of the definition would apply since the percentage of fees paid to the component auditor would be 25% ($20,000 / $80,000).

Determination of number of audit hours a component auditor spent on a significant component

Subparagraph (c)(i) of the definition of significant component auditor applies if a reporting issuer has a component with assets that represent 20% or more of the reporting issuer's consolidated assets at the end of the financial period, or revenues that represent 20% or more of the consolidated revenues for the financial period, and it has the power to direct the activities of the component on its own or jointly with another person or company. If subparagraph (c)(i) applies, subparagraph (c)(ii) of the definition would be considered.

Subparagraph (c)(ii) of the definition of significant component auditor applies if the number of hours spent by the component auditor to perform the audit work in respect of the financial period exceeds 50% of the total hours spent on audit work relating to a component that meets the application requirements in subparagraph (c)(i) of the definition.

For example, assume a reporting issuer has a subsidiary (Component A) that has revenues representing 30% of the consolidated revenues of the reporting issuer, and therefore satisfies subparagraph (c)(i) of the definition. If the audit of Component A took 10 hours to complete and the component auditor performed 6 hours of the audit work and the reporting issuer's auditor performed 4 hours of the audit work, the work performed by the component auditor would satisfy subparagraph (c)(ii) of the definition. The component auditor would have performed 60% (6 hours / 10 hours) of the total hours to audit the component for the reporting issuer audit. The component auditor would therefore meet the definition of a significant component auditor.

In the example above, the 6 hours of work performed by the component auditor would represent the amount of time spent to perform audit work in connection with the audit of the reporting issuer's financial statements. If additional audit work was performed to support the completion of a separate audit engagement (e.g., the audit of the standalone financial statements of Component A), those audit hours would be excluded from the calculation in subparagraph (c)(ii).

Section 7.2 -- Reporting Issuer to Direct Provision of Access

Section 7.2 requires a reporting issuer to, on or before the date of the auditor's report on the reporting issuer's financial statements for a financial period, take all reasonable steps to direct a significant component auditor to provide CPAB with access in order to inspect the significant component auditor's records relating to the audit work performed for those financial statements. Effectively, the reporting issuer communicates that it is requesting that CPAB have access in order to inspect the significant component auditor's working papers relating to the audit work performed on the reporting issuer's financial statements.

A reporting issuer can direct a significant component auditor to provide CPAB with access to inspect the significant component auditor's records by communicating directly with the significant component auditor (e.g., a letter to the significant component auditor), or indirectly through the reporting issuer's auditor (e.g., state in the engagement letter with the reporting issuer's auditor that it shall inform all significant component auditors involved in the audit that the reporting issuer is directing them to provide CPAB with access to inspect the work they perform in connection with the reporting issuer's audit).

Subsection 7.3(1) and Subsection 7.4(1) -- CPAB Access-limitation Notice and CPAB No-access Notice

Both subsection 7.3(1) and subsection 7.4(1) of the Instrument require a participating audit firm to deliver a copy of a notice to the regulator or securities regulatory authority. The securities regulatory authorities will consider the delivery requirement to be satisfied if a copy of the notice is sent to auditor.notice@acvm-csa.ca.

The Instrument does not prescribe the content of a CPAB access-limitation notice and CPAB no-access notice. If a copy of a CPAB access-limitation notice or CPAB no-access notice is delivered to the email address identified above, the communication should identify each regulator or securities regulatory authority that is to receive a copy of the notice if such information is not specified in the notice.

Subsection 7.3(2) -- Impact of a Significant Component Auditor Being Directed to Enter into a CPAB Access Agreement

If subsection 7.3(2) applies, the significant component auditor and CPAB would immediately begin the process of negotiating a CPAB access agreement. The negotiations should be completed in a reasonable period of time, which normally is not expected to exceed 45 business days.

Section 7.4 -- Impact of Participating Audit Firm Receiving a CPAB No-access Notice

A participating audit firm will receive a CPAB no-access notice if it has used the public accounting firm named in the notice as a significant component auditor for one or more recently completed reporting issuer audits.

If a participating audit firm receives a CPAB no-access notice and was planning to use the public accounting firm named in the notice as a significant component auditor for an upcoming reporting issuer audit, it may continue to do so provided that the reporting issuer's upcoming year end is less than 180 days after the date of the notice.

If a reporting issuer's upcoming year end is more than 180 days after the date of the notice, the participating audit firm may not use the public accounting firm named in the notice as a significant component auditor for the reporting issuer's upcoming year end unless CPAB has notified the participating audit firm that the named firm has entered into a CPAB access agreement in respect of the reporting issuer before the reporting issuer's year end.

The participating audit firm also must not use any other public accounting firm as a significant component auditor for the audit of the reporting issuer's financial statements unless the other public accounting firm delivers a notice to the participating audit firm and CPAB at least 90 days before the issuance of an auditor's report in respect of that audit stating that it has given an undertaking to CPAB or entered into a CPAB access agreement and, in addition, one or both of the following apply:

• the other public accounting firm gives an undertaking to CPAB in writing to provide CPAB with prompt access in order to inspect its records relating to audit work related to the relevant component of the reporting issuer, if requested to do so, or

• the other public accounting firm has entered into a CPAB access agreement in respect of the reporting issuer.

Participating audit firms should consider how they track the use of component auditors for their reporting issuer clients to meet the requirements of subsection 7.4(1) within the specified time period of 15 business days..

3. These changes become effective on [•].

ANNEX C

LOCAL MATTERS ONTARIO SECURITIES COMMISSION

Description of Anticipated Costs of Proposed Amendments

The following discussion has been provided to supplement the costs discussion in the attached notice:

General cost implication on reporting issuer population that use a component auditor

As of December 31, 2018, there were approximately 4,900 reporting issuers in Canada.{1} Approximately 2,965 of those reporting issuers were listed issuers in Canada, which represented a total market capitalization of 2.5 trillion.{2} This population included 232 reporting issuers with one or more significant operations{3} in a foreign jurisdiction (excluding the United States, the United Kingdom and Australia) that used a component auditor, which represented a total market capitalization of $158.9 billion.{4} For these reporting issuers there were significant operations in 1_1_1 foreign jurisdictions.{5}

The Proposed Amendments would require significant component auditors for these 232 reporting issuers to enter into a CPAB Access Agreement if they are not prepared to voluntarily provide CPAB access to inspect the work performed for a reporting issuer audit when requested. The terms and conditions set out in a CPAB Access Agreement for each component auditor, including the manner and conditions for when access is to be provided, must be agreed to by CPAB and the significant component auditor. For example, if the component auditor identifies specific legal restrictions in their local jurisdiction that prevent CPAB from being able to inspect their work, and such restrictions are set out in the CPAB Access Agreement as a condition that must be addressed before CPAB can be provided access to inspect, then both parties would be able to enter into a CPAB Access Agreement without the significant component auditor being offside on local law in their jurisdiction.

CPAB has requested and been denied access in China, Mexico and Tunisia{6}, which represent 43 of the reporting issuers (market capitalization of $36.9 billion) identified above that use a component auditor.{7} CPAB has represented that, if the proposed rules were in place, the component auditors for each of these entities would be able to enter into a CPAB Access Agreement if they so choose. The CPAB Access Agreement would not necessarily result in CPAB having immediate access to inspect work in each of the noted countries if the agreement identifies specific jurisdictional restrictions that continue to prevent access.

With respect to the remaining 189 reporting issuers, which have significant operations in 108 different foreign jurisdictions, it is unknown how many of their significant component auditors would not be prepared to voluntarily provide CPAB access to inspect if requested. However, CPAB is of the view that none of those jurisdictions has any legal impediments to a significant component auditor entering into a CPAB Access Agreement. It would therefore be the component auditor's choice whether to do so. The CPAB Access Agreement would not necessarily result in CPAB having immediate access to inspect work in all 108 foreign jurisdictions since each agreement is separately negotiated and could identify specific jurisdictional restrictions that continue to prevent access.

As a result, the following one-time costs are expected for each stakeholder if a component auditor does not voluntarily provide CPAB access to inspect their work upon request, and a CPAB Access Agreement is needed:

Reporting Issuer -- The only action that needs to be undertaken is a one-time request for the reporting issuer's significant component auditor to enter into a CPAB Access Agreement. The cost is nil.

Participating Audit Firm (PAF) -- The only action that needs to be undertaken is the forwarding of a notice received from CPAB to the reporting issuer to initiate their request for the significant component auditor to enter into a CPAB Access Agreement. The cost is nil.

Component Auditor -- CPAB Access Agreements are anticipated to be a standard form agreement, except for any conditions that are agreed to by both the component auditor and CPAB. If specified conditions are needed, then external costs may be incurred by the component auditor to obtain a legal opinion to support any specific legal restrictions in the foreign jurisdiction that prevent access.{8} It is at CPAB's discretion whether a legal opinion would be needed based on the facts and circumstances for each foreign jurisdiction.

In addition to any potential costs incurred to obtain a legal opinion, it is estimated that approximately 10 hours of time would be incurred by members of an audit firm's general counsel's office to agree on any specified conditions. Assuming an executive level internal legal counsel involved in such work has an average salary of $204,500{9}, is allocated an overhead charge of approximately 25%, and the time allocated represents 0.5%{10} of time the individual spends in a given year, the total internal cost is approximately $1,278 to finalise an agreement.

CPAB -- Since the CPAB Access Agreements are anticipated to be a standard form agreement, the cost would primarily pertain to discussions with a component auditor's internal counsel on any potential terms and conditions. The cost implications have been discussed with CPAB, and they are of the view that the benefits of entering into a CPAB Access Agreement will outweigh the costs they would incur.

Specific cost implications if a significant auditor fails to enter into a CPAB access agreement:

The Proposed Amendments contemplate situations where a significant component auditor may choose not to enter into a CPAB Access Agreement. Since CPAB is not aware of any barriers in a specific foreign jurisdiction that would inhibit a significant component auditor from entering into a CPAB Access Agreement, these situations are only anticipated to occur when a significant component auditor does not wish to provide CPAB access to inspect its work.

If a component auditor fails to enter into a CPAB Access Agreement, then the PAF will no longer be permitted to use that component auditor after a prescribed period and will need to either identify a new component auditor to perform the work or perform the work itself.

The following costs are anticipated for each stakeholder if a new component auditor is used:

Reporting Issuer -- The reporting issuer's audit committee will be responsible for overseeing the work of the PAF, which would include any changes to the significant component auditor(s) that are used to perform the audit. This oversight function is performed by a reporting issuer's audit committee each year, so the additional cost is essentially nil. It is possible that a new component auditor could charge a fee for service that differs from the fees charged by the prior component auditor, however it is anticipated that if the work being performed is identical then the fees for service would be substantially similar.

PAF -- The PAF will need to employ a process to identify a new component auditor that has sufficient expertise to perform the work and is prepared to either provide CPAB access to inspect voluntarily or enter into a CPAB Access Agreement. The process to identify the new component auditor is estimated to be 10 hours. It is assumed that this process would primarily be undertaken by a Chartered Professional Accountant involved in the audit engagement with approximately 5 to 8 years experience, and an annual salary of $127,000{11}. Assuming an overhead charge of 25%, and the time allocated represents 0.5%{12} of time an individual spends in a given year, the total internal cost anticipated to be incurred by the PAF is $794.{13}

New Component Auditor -- The new component auditor may need to enter into a CPAB Access Agreement if it is not able to voluntarily provide access. As noted above, the total internal cost anticipated to finalize an agreement would be $1,278. Additional external costs would be incurred if a legal opinion were needed.

CPAB -- The new component auditor may need to enter into a CPAB Access Agreement if it is not able to voluntarily provide access. As noted above, CPAB is of the view that the benefits of entering into a CPAB Access Agreement will outweigh the costs that they would incur.

If the PAF were to decide to perform the procedures previously performed by a significant component auditor, rather than identifying a new component auditor, then there may be additional costs incurred by the PAF that would not have been charged by a component auditor (e.g., travel, translation, etc.). These costs will vary depending on the extent of work performed and the location where the work is performed. Any such costs would need to be discussed with a reporting issuer's audit committee as part of agreeing on the work to be performed for each year's audit.

{1} Exchange-traded funds have been excluded from the total since it would be highly unlikely for a significant component auditor in a foreign jurisdiction to be used for these audits.

{2} This figure is based on (i) 804 TSX and 1,707 TSXV listed issuers as of December 31, 2018; (ii) 448 CSE listed issuers as of December 21, 2018 and (iii) 6 NEO Aequitas listed issuers as of December 21, 2018. All figures exclude exchange-traded funds. Please see the December 2018 MiG Report and related MiG Lists for further information regarding TSX and TSXV issuers https://tsx.com/listings/current-market-statistics/mig-archives

{3} Significant operations are subsidiaries or components, the assets or revenues of which constitute 20% or more of the reporting issuer's consolidated assets or revenues.

{4} CPAB Report Access to Foreign Jurisdictions, March 2019.

{5} Ibid.

{6} Ibid.

{7} Number of reporting issuers and market capitalization provided by CPAB.

{8} The time and cost necessary to provide a legal opinion could vary widely based on the complexity of the laws in a specific foreign jurisdiction. As a result, an estimated cost for a legal opinion has not been provided.

{9} The average salary figure provided is based on information from the Counsel Network In-House Counsel Compensation & Career Survey Report 2018. This figure is based on the average Canadian salary, which may differ from the average salary for an equivalent position in a foreign jurisdiction.

{10} Assuming a 40-hour work week, which is equivalent to 2,080 hours per year.

{11} The salary figure provided is based on information from Robert Half 2018 Salary Guide for Accounting and Finance Professionals. This figure is based on information regarding Canadian salaries, which may differ from the salary for an equivalent position in a foreign jurisdiction.

{12} Supra Note 10.

{13} Since these costs could be viewed as directly attributable to a reporting issuer's audit, the PAF may include all, or a portion, of these one-time costs as part of the audit engagement fee for a reporting issuer audit.