Advisory: Readers should note that effective December 15, 2008, Multilateral Instrument 52-109, Certification of Disclosure in Issuers' Annual and Interim Filings, to which this publication refers, was repealed and replaced with National Instrument 52-109 Certification of Disclosure in Issuers' Annual and Interim Filings (NI 52-109) and related forms and policies. The new National Instrument contains changes to issuers responsibilities regarding CEO and CFO certifications. Readers should consult the new National Policy, which is available on the website of the Ontario Securities Commission at www.osc.gov.on.ca. |
The Risk Management and Governance Board of the Canadian Institute of Chartered Accountants commissioned two documents to help CEOs and CFOs and Boards of Directors to fulfill their responsibilities regarding Internal Control over Financial Reporting (ICFR) and the related CEO and CFO certification requirements that are effective in 2006. In their annual certificates for 2006, CEOs and CFOs of companies listed in Canada will have to certify that they are responsible for establishing and maintaining both disclosure controls and procedures (DC&P) and internal control over financial reporting (ICFR), and that they have “designed such internal control over financial reporting…to provide reasonable assurance regarding the reliability of financial reporting and the preparation of financial statements for external purposes in accordance with the issuer’s GAAP.” The CEO and CFO certificates are also required to state that “any change in the issuer’s internal control over financial reporting that occurred during the issuer’s most recent interim period that has materially affected, or is reasonably likely to materially affect, the issuer’s internal control over financial reporting” is disclosed in the MD&A. The CSA plans to further expand the CEO/CFO certification in the future to include a certification on the operating effectiveness of ICFR, but separate auditor attestation about ICFR is no longer expected under Canadian requirements. The publications Internal Control 2006: The Next Wave of Certification. Guidance for Management (PDF) This publication provides CEOs and CFOs (and other management) with a top down, risk-based process to follow in certifying the design of ICFR, including a methodology for assessing ICFR design weaknesses and deciding on necessary disclosures. Where appropriate, the challenges of ICFR design (and related certification) for small issuers are acknowledged and additional guidance is provided where possible. Internal Control 2006: The Next Wave of Certification Guidance for Directors (PDF) This publication provides help to audit committees and boards of directors on ICFR and the related certification processes. Audit committees have a direct interest in the certification process because CEOs and CFOs are required to disclose their conclusions about DC&P and provide details about changes in ICFR in the Management Discussion and Analysis (MD&A). The MD&A is a “core document” under Ontario’s legislation for civil liability for secondary market disclosure legislation, and one which audit committees are required to review and boards to approve. Audit committees, therefore, must satisfy themselves that these control-related disclosures are complete and properly described. It is important that directors fully understand the role of ICFR in ensuring reliable financial reporting, and important steps they should take to discharge their responsibilities for internal control and external disclosures and demonstrate they have done so. Recent related publications |
