Assurance on Capital, Leverage and Liquidity Returns

Assurance on Capital, Leverage and Liquidity Returns FEDERALLY REGULATED INSURERS AND DEPOSIT-TAKING INSTITUTIONS Discussion Paper April 2021

1

-- TABLE OF CONTENTS Executive Summary 2 1 - Introduction 3 2 - Background 4 3 - Guiding Principles of the Initiative 5 4 - Scope of the Initiative 6 5 - Current Landscape and Key Issues 7 6 - Assurance Expectations for Capital, Leverage and Liquidity Returns 9 7 - Process and Next Steps 20 Annex 1 – List of Discussion Questions 21 Annex 2 – Glossary - Acronyms 23

2 Executive Summary OSFI is proposing to broaden expectations in the following areas to enhance and align assurance expectations over capital, leverage and liquidity returns: • External audit opinion – External audit on key regulatory ratios including related controls and processes; • Senior management attestation – An attestation by senior management on key regulatory returns following an internal review of the returns; and • Internal audit opinion – Internal audit on key regulatory returns including related controls and processes. The Office of the Superintendent of Financial Institutions Canada (OSFI) mandate is to protect policyholders, depositors and creditors while allowing financial institutions to compete and take reasonable risks. OSFI is continuously looking at ways to improve the consistency, accuracy and timeliness of risk assessments in the insurance and deposit-taking industries. This effort responds to the increasing complexity arising from the evolving regulatory reporting framework, particularly changes resulting from International Financial Reporting Standards 17 Insurance Contracts (IFRS 17) and the Basel III reforms1, respectively. 1 Basel III: international regulatory framework for banks The purpose of this discussion paper is to engage federally regulated financial institutions (FRFIs), and other interested stakeholders in a dialogue with OSFI, to proactively enhance and align assurance expectations over key regulatory returns which contribute to OSFI’s assessment of the safety and soundness of FRFIs. Responses to this discussion paper will inform the development of future OSFI guidance with respect to assurance expectations on regulatory returns. All consultation questions are summarized in Annex 1, and stakeholders are asked to submit feedback no later than June 18, 2021, to Assurance@osfi-bsif.gc.ca.

3 1 Introduction 1.1 OSFI’s mandate is to protect depositors, policyholders and creditors by: i) developing a regulatory framework for financial institutions to manage and mitigate risk, ii) assessing the safety and soundness of financial institutions, and iii) intervening promptly when corrective actions are needed. OSFI recognizes the importance of allowing financial institutions to compete effectively and take reasonable risks, and holds boards and senior management ultimately responsible for the activities of their institutions. 1.2 As noted in OSFI’s Strategic Plan 2019-20222, OSFI applies a risk-based and principles-based approach to regulation and supervision, and is looking at ways to further improve the consistency, accuracy and timeliness of risk assessments. Given the increasing complexity of upcoming changes to regulatory reporting frameworks due to IFRS 17 and Basel III reforms, this initiative aligns with OSFI’s Strategic Goal 1 of improving a FRFI’s resilience to financial risks. 2 OSFI Strategic Plan 2019-2022, April 2019 1.3 This initiative also aims to proactively enhance and align OSFI’s assurance expectations over key regulatory returns including capital returns for insurers, and capital, leverage and liquidity returns for deposit-taking institutions (DTIs). Enhancing and aligning assurance expectations increases OSFI’s confidence in the accuracy and completeness of these returns which are used for effective supervision. To promote greater transparency and early engagement from stakeholders, this discussion paper provides an opportunity for OSFI to share its preliminary views on assurance expectations, and invites feedback from interested stakeholders to guide the development of enhanced expectations in a subsequent draft guideline.

4 Background 2 OSFI is proposing to enhance and align assurance expectations on the capital, leverage and liquidity returns. 2.1 Currently, OSFI has a range of assurance expectations for capital, leverage and liquidity returns. Overall, the financial statement note disclosures on capital and leverage are audited by external auditors. In addition, senior management and the internal audit function perform important control and oversight roles over the capital, leverage and liquidity returns. OSFI also reviews the regulatory returns as part of the supervisory process. For insurers, external auditors provide assurance on the summary pages of the insurance capital returns. The insurer’s authorized official also provides a signature on the capital returns3 to indicate verification of the return information and attestation to its accuracy. For DTIs using the internal ratings-based approach for credit risk, senior management submits an annual attestation for compliance with minimum regulatory requirements for regulatory capital models, and an internal audit opinion is submitted for approved regulatory capital models. For DTIs using the standardized approach for credit risk, the internal audit function also performs a periodic review of the Basel Capital Adequacy Return (BCAR) that is submitted to OSFI’s Lead Supervisors. 3 The authorized official provides a signature on the P&C 1 which contains the MCT capital pages. 2.2 The complexity of regulatory returns continues to increase due to the upcoming changes of IFRS 17 and the Basel III reforms. For example, the insurance capital guidelines and regulatory returns are being revised in preparation for the adoption of IFRS 17. The Basel Committee on Banking Supervision also conducted a thorough review of risk weights as part of the development of the Basel III reforms. Given the complexity of the evolving nature and upcoming changes on regulatory returns for insurers and DTIs, OSFI is proposing to enhance and align assurance expectations on the capital, leverage and liquidity returns.

5 3 Guiding Principles of the Initiative 3.1 In this discussion paper, OSFI’s assurance expectations for key regulatory returns for insurers and DTIs are guided by the following principles: i) The development of assurance expectations should contribute to the protection of policyholders, depositors and creditors, and allow institutions to compete and take reasonable risks. ii) Assurance expectations should be risk-based and principles-based, consistent with OSFI’s approach to providing guidance. iii) Assurance expectations should be based on OSFI’s reliance on external auditors and the use of work of others, including a FRFI’s oversight functions. iv) Assurance expectations should be adapted to reflect the size, nature, complexity and business activities of financial institutions.

6 4 Scope of the Initiative OSFI is proposing to have assurance expectations apply to capital returns of all federally regulated insurers, and capital, leverage and liquidity returns of all federally regulated DTIs. 4.1 Regulatory capital, leverage and liquidity returns are key contributors to the assessment of safety and soundness of a FRFI. To promote consistency across institutions, OSFI is proposing to have assurance expectations apply to the capital returns of all federally regulated insurers. The regulatory returns and guidelines in scope for life insurers, property and casualty (P&C) insurers, and mortgage insurers include the Life Insurance Capital Adequacy Test (LICAT), Minimum Capital Test (MCT) and Mortgage Insurer Capital Adequacy Test (MICAT), respectively. 4.2 OSFI also proposes to have the assurance expectations apply to the capital, leverage and liquidity returns of all federally regulated DTIs. The regulatory returns in scope for domestic systemically important banks (D-SIBs) and small and medium￾sized deposit-taking institutions (SMSBs)4 include the BCAR, Leverage Requirements Return (LRR) and Liquidity returns for the Liquidity Coverage Ratio (LCR), Net Stable Funding Ratio (NSFR), Net Cumulative Cash Flow (NCCF) and the Operating Cash Flow Statement (OCFS). The associated guidelines include the Capital Adequacy Requirements (CAR), Leverage Requirements (LR), Total Loss Absorbing Capacity (TLAC), and Liquidity Adequacy Requirements (LAR). 4 Consistent with the proposed SMSBs’ Capital and Liquidity Requirements, the assurance expectations for SMSBs do not apply to Foreign Bank Branches. 4.3 OSFI’s initiative to advance proportionality in the capital and liquidity regime for SMSBs includes proposed changes to the SMSB Pillar 1 capital and liquidity frameworks. Therefore, OSFI is proposing that the assurance expectations complement the proportionality initiative to reflect the size, nature, complexity and business activities of SMSBs.

7 5 Current Landscape and Key Issues Scope of Application for External Audit Requirements 5.1 External audit requirements5 currently exist in the LICAT, MCT, and MICAT guidelines for federally regulated insurers. Signatures from authorized FRFI officials are also required for the LICAT, MCT and MICAT. While there are no similar audit requirements in the CAR, LR, TLAC, and LAR guidelines for federally regulated DTIs, senior management submits an annual attestation for compliance with minimum regulatory requirements for regulatory capital models, and internal audit performs a periodic review of the BCAR. Therefore, OSFI proposes to better align external audit requirements between the insurance and deposit￾taking industries. 5 The LICAT Guideline requires life insurers to obtain an annual audit report on the year-end LICAT Quarterly Return in accordance with the relevant standards for such assurance engagements. The MCT Guideline requires P&C insurers to obtain an annual audit report for page 30.61 of the P&C quarterly return. The MICAT Guideline requires mortgage insurers to obtain an annual audit report for page 10.10 of the MICAT quarterly return. Expectations around the Assessment of External Audit Materiality 5.2 With the issuance of more specific guidance on external audit expectations, OSFI is aiming to better inform and guide external auditors in the work to be performed on the regulatory returns. For example, the level of materiality applied to the audit of the LICAT, MCT, MICAT and DTI capital contained in financial statement note disclosures is based on the auditor’s professional judgement, which may

8 not always be at the level suitable for OSFI’s use of the regulatory returns. Clarifying the factors to be considered in the determination of materiality would guide external auditors in planning and performing sufficient and appropriate assurance procedures to provide OSFI with confidence over the FRFIs’ regulatory returns. Managing Errors in the Generation of Regulatory Returns 5.3 Under the Late and Erroneous Filing Penalty (LEFP)framework6, OSFI encourages FRFIs to file accurate information on a timely basis, and expects FRFIs to have appropriate policies and procedures in place to ensure regulatory returns are error free. In addition, existing assurance activities promote the accuracy and completeness of regulatory returns to some extent and can be further enhanced to better enable OSFI’s use of the returns. By enhancing existing assurance expectations, OSFI would like to reduce the possibility of errors on regulatory returns which may include, for example, inaccurate regulatory adjustments to net assets available, miscalculation of margins, and misapplication of credit risk factors on insurance capital returns. For DTIs, this may include, for example, incorrect application of risk weights for credit, market or operational risks, misclassification of standardized risk exposures, and underreported key risk parameters including probability of default, loss given default and exposure at default on DTI capital returns. Undetected errors could have negative implications for the risk assessments and supervision of FRFIs. Therefore, clarifying assurance expectations for insurers and DTIs will help to support OSFI’s use of the returns. 6 Administrative Procedures for the LEFP Framework, January 2020 OSFI is aiming to better inform and guide external auditors and FRFIs in the work to be performed on the regulatory returns.

9 6 Assurance Expectations for Capital, Leverage and Liquidity Returns OSFI is seeking input and views on the assurance expectations proposed in this discussion paper. 6.1 In line with the guiding principles outlined for this initiative, OSFI is exploring a set of risk-based assurance expectations which reflect the size, nature, complexity and business activities of FRFIs. The proposed requirements are described in detail in Tables 1 to 6 below. 6.2 OSFI is seeking input and views on the assurance expectations proposed in this discussion paper. Interested stakeholders are requested to provide responses to the discussion questions included in the sections below and summarized in Annex 1. External Audit Opinion 6.3 Currently, external audit requirements are specified in OSFI’s LICAT, MCT and MICAT guidelines but the guidance does not require a conclusion on the effectiveness of the institutions’ internal controls over the preparation of regulatory returns.

10 6.4 OSFI proposes requiring, at a minimum, an annual external audit opinion on whether the key regulatory ratios in both the insurance and deposit￾taking industries have been prepared, in all material respects, with the relevant regulatory framework. OSFI is considering requesting that when auditing the regulatory ratios, external auditors evaluate and opine upon whether the material risk components in both the ratio’s numerator and denominator are free from material misstatement. OSFI is also considering whether the external audit opinion should include a conclusion on the effectiveness of internal controls. This proposal aims to enhance the degree of confidence with which OSFI can rely on FRFIs’ reported key regulatory ratios. QUESTION 1 EXTERNAL AUDITORS; FRFIs What are the existing external audit scope limitations under current audit requirements, if any, and how should such scope limitations be addressed? QUESTION 2 EXTERNAL AUDITORS Are the proposed audit requirements for the material risk components in both the ratio’s numerator and denominator feasible? If not, please provide supporting rationale. QUESTION 3 ALL STAKEHOLDERS How can greater assurance over regulatory returns be promoted going forward? OSFI proposes requiring an annual external audit opinion on whether the key regulatory ratios have been prepared, in all material respects, with the relevant regulatory framework. Scope 6.5 Table 1 and Table 2 provide a summary of the proposed external audit requirements for capital, leverage and liquidity ratios including: i) ratios in scope; ii) filing requirements; iii) frequency; and iv) rationale in support of the requirements.

11 Table 1 Proposed Capital & Leverage External Audit Requirements INDUSTRY Capital and Leverage Ratios7 Filing Requirement Frequency Rationale INSURANCE Life Insurers LICAT Schedule 10.100 / Life Insurance Margin Adequacy Test (LIMAT) Schedule 120.000 Within 90 days of fiscal year-end. Annual at year￾end reporting date. Scope change as the ratio page subject to an external audit is being clarified. P&C Insurers MCT / Branch Adequacy of Assets Test (BAAT) Schedule 30.61 Within 90 days of fiscal year-end. Annual at year￾end reporting date. Scope consistent with existing external audit requirements. Mortgage Insurers MICAT Schedule 10.10 Within 90 days of fiscal year-end. Annual at year￾end reporting date. DTI D-SIBs BCAR Schedule 1 LRR Leverage & TLAC Leverage Ratios Schedule Within 90 days of fiscal year-end. Annual at year￾end reporting date. Pillar 1 capital ratios that are key measures of a FRFI’s capital adequacy should be subject to an external audit. SMSBs Category I BCAR Schedule 1 LRR Leverage & TLAC Leverage Ratios Schedule Within 90 days of fiscal year-end. Annual at year￾end reporting date. SMSBs Category II SMSBs Category III BCAR Schedule 1 7 The insurance capital schedule references will be updated in the subsequent draft guideline for this initiative after draft returns for IFRS 17 are published by OSFI. For DTIs, the capital and liquidity schedule references are based on OSFI’s March 2021 consultations on Basel III implementation and may be further updated in the draft guideline.

12 Table 2 Proposed Liquidity External Audit Requirements INDUSTRY Liquidity Ratios7 Filing Requirement Frequency Rationale INSURANCE Life, P&C, Mortgage Insurers N/A DTI D-SIBs Schedule LCR Schedule NSFR Within 90 days of fiscal year-end. Annual at year￾end reporting date. Liquidity ratios that are key measures to assess a FRFI’s liquidity and funding risks should be subject to an external audit. SMSBs Category I Schedule LCR Schedule NSFR (for FRFIs with significant wholesale funding reliance) Within 90 days of fiscal year-end. Annual at year￾end reporting date. SMSBs Category II Schedule LCR SMSBs Category III N/A

13 QUESTION 4 ALL STAKEHOLDERS How should potential audit scope limitations be addressed going forward? QUESTION 5 ALL STAKEHOLDERS Should i) any regulatory ratios other than those listed in Tables 1 and 2, and/or ii) controls testing be added or excluded from the external audit requirements? If so, please provide supporting rationale. QUESTION 6 ALL STAKEHOLDERS Should external audits be obtained on non-public prudential measures (e.g. NCCF/ OCFS) for D-SIBs and SMSBs, respectively? Please provide supporting rationale. QUESTION 7 ALL STAKEHOLDERS Are the proposed filing requirements/ frequency for external audits adequate? If not, please provide supporting rationale. Materiality 6.6 OSFI is also seeking input from stakeholders to better understand the determination of materiality in existing audits of the LICAT, MCT and MICAT, and in existing audits of DTI capital and leverage ratio financial statement note disclosures. The determination of materiality requires professional judgement and is based on a combination of quantitative and qualitative factors. Misstatements are considered material, if individually or in aggregate, they could reasonably influence relevant decisions of OSFI, as the primary user of the regulatory returns. 6.7 In OSFI’s view, some factors that may be considered when setting materiality include: i) the size, nature and complexity of a FRFI’s operations; ii) any breach or near breach of a FRFI’s internal target for capital, leverage or liquidity requirements; and iii) offsetting misstatements in the numerator and denominator of a regulatory ratio that may cause the subject matter information to be materially misstated. Such factors may lead the auditor to set a materiality level that is different than what is used for the audit of regulatory ratios in financial statement note disclosures. QUESTION 8 EXTERNAL AUDITORS What factors are currently considered when determining matters that are material to users of the LICAT, MCT and MICAT, and DTI capital and leverage ratio financial statement note disclosures? QUESTION 9 ALL STAKEHOLDERS What factors should be considered when determining matters that are material to users of key regulatory ratios?

14 Summary of Unadjusted Errors 6.8 The identification of unadjusted errors below misstatement posting thresholds by external auditors can aid OSFI Supervisors in their understanding of where errors reside in regulatory ratio calculations, and the possible impact to risk assessments. To provide transparency around existing errors, including any offsetting errors on the regulatory returns, OSFI is also considering requesting that external auditors include OSFI in any correspondence containing the summary of unadjusted errors with FRFIs. QUESTION 10 EXTERNAL AUDITORS What issues exist, if any, with submitting a summary of unadjusted errors to OSFI following the external audit of regulatory ratios? Senior Management Attestation 6.9 OSFI’s LICAT, MCT and MICAT returns require an authorized official or chief agent to confirm on a quarterly and/or annual basis that the key regulatory returns are completed accurately. Although such attestations are not specified on OSFI’s BCAR, LRR, LCR, NSFR and NCCF returns, senior management in DTIs submit an annual attestation for compliance with minimum regulatory requirements for regulatory capital models. 6.10 OSFI proposes requiring a senior management attestation for all key regulatory returns. The senior management attestation would be expanded to include the performance of a review, by an internal function independent of the business line preparing the return, prior to senior management sign-off. The resulting proposals aim to drive greater consistency of practice across the insurance and deposit-taking industries while enhancing the governance, controls and processes around the preparation of the regulatory returns. 6.11 Table 3 and Table 4 provide a summary of the senior management attestation requirements including: i) page of return requiring sign-off; ii) filing requirements; iii) frequency; and iv) rationale in support of the requirements. OSFI proposes requiring a senior management attestation for all key regulatory returns.

15 Table 3 Proposed Capital & Leverage Senior Management Attestation Requirements INDUSTRY Page of Return with Sign-off Filing Requirement Frequency Rationale INSURANCE Life Insurers LICAT / LIMAT COVER Schedule According to quarterly / annual filing requirements. Quarterly and annual at the reporting date. Scope change as the senior management attestation would require an internal review of the regulatory return prior to sign￾off to enhance governance and controls in institutions. P&C Insurers MCT / BAAT Schedule 99.16 (quarterly), 99.10 / 99.11 / 99.15 / 99.20 (annual) According to quarterly / annual filing requirements. Quarterly and annual at the reporting date. Mortgage Insurers MICAT COVER Schedule (new) According to quarterly filing requirements. Quarterly at the reporting date. Scope change as the senior management attestation, which was implemented Q1 2021 for the MICAT, would require an internal review of the regulatory return prior to sign￾off to enhance governance and controls in institutions. DTI D-SIBs BCAR COVER Schedule (new) LRR COVER Schedule (new) According to quarterly filing requirements. Quarterly at the reporting date. Capital and leverage returns including Pillar 1 capital ratios that are key measures of a FRFI’s capital adequacy should be subject to a senior management attestation following an internal review to enhance governance and controls in institutions. SMSBs Category I BCAR COVER Schedule (new) LRR COVER Schedule (new) According to quarterly filing requirements. Quarterly at the reporting date. SMSBs Category II SMSBs Category III BCAR COVER Schedule (new)

16 Table 4 Proposed Liquidity Senior Management Attestation Requirements INDUSTRY Page of Return with Sign-off Filing Requirement Frequency Rationale INSURANCE Life, P&C, Mortgage Insurers N/A DTI D-SIBs LCR COVER Schedule (new) Comprehensive NCCF COVER Schedule (new) According to monthly filing requirements. Monthly at the reporting date. Liquidity returns including LAR ratios and NCCF/ OCFS, which are key measures of a FRFI’s liquidity adequacy should be subject to a senior management attestation following an internal review to enhance governance and controls at institutions. NSFR COVER Schedule (new) According to quarterly filing requirements. Quarterly at the reporting date. SMSBs Category I LCR COVER Schedule (new) Comprehensive NCCF COVER Schedule (new) According to monthly filing requirements. Monthly at the reporting date. NSFR COVER Schedule (new for FRFIs with significant wholesale funding reliance) According to quarterly filing requirements. Quarterly at the reporting date. SMSBs Category II LCR COVER Schedule (new) Streamlined NCCF COVER Schedule (new) According to monthly filing requirements. Monthly at the reporting date. SMSBs Category III OCFS COVER Schedule (new)

17 QUESTION 11 ALL STAKEHOLDERS Should any regulatory returns be added or excluded from the senior management attestation requirements? If so, please provide supporting rationale. QUESTION 12 ALL STAKEHOLDERS Are the proposed filing requirements/ frequency for senior management attestations adequate? If not, please provide supporting rationale. Internal Audit 6.12 Currently, OSFI’s E-19 Guideline – Internal Capital Adequacy Assessment Process for DTIs, and E-19 Guideline – Own Risk and Solvency Assessment for insurers, expect an internal control review of the accuracy and reasonableness of a FRFI’s capital assessment process. Effective control of the capital assessment process includes periodic objective reviews which may be conducted by an internal or external auditor. Internal audit should also assess the overall effectiveness and adequacy of a FRFI’s model risk policy, for example, as discussed in OSFI’s E-23 Guideline – Enterprise-wide Model Risk Management for DTIs. 6.13 OSFI proposes requiring an annual internal audit opinion on the accuracy and completeness of key regulatory returns, which includes a conclusion on the effectiveness of internal controls. The internal audit may be completed at any time during the fiscal year. If the internal audit opinion does not include testing of controls at year-end, OSFI proposes that the FRFI submit a statement/attestation that controls are in place and no material changes to the controls exist at year-end. The resulting proposals aim to reduce misstatements on the regulatory returns by relying on the third line of defence to enhance governance and controls in both insurers and DTIs. 6.14 Table 5 and Table 6 provide a summary of the proposed internal audit requirements including: i) regulatory returns in scope; ii) filing requirements; iii) frequency; and iv) rationale in support of the requirements. OSFI proposes requiring an annual internal audit opinion on the accuracy and completeness of key regulatory returns.

18 Table 5 Proposed Capital & Leverage Internal Audit Requirements INDUSTRY Capital and Leverage Returns Filing Requirement Frequency Rationale INSURANCE Life Insurers LICAT / LIMAT Within 90 days of fiscal year-end. Annual Internal audits of an insurer’s regulatory capital return including the capital ratio enhance governance and controls in institutions. The internal audit may be completed at any time during the fiscal year for submission within 90 days of the same year-end. P&C Insurers MCT / BAAT Within 90 days of fiscal year-end. Annual Mortgage Insurers MICAT Within 90 days of fiscal year-end. Annual DTI D-SIBs BCAR LRR Within 90 days of fiscal year-end. Annual Scope change as capital and leverage returns including Pillar 1 capital ratios that are key measures of a FRFI’s capital adequacy should be subject to an internal audit to enhance governance and controls at institutions. The internal audit may be completed at any time during the fiscal year for submission within 90 days of the same year-end. SMSBs Category I BCAR LRR Within 90 days of fiscal year-end. Annual SMSBs Category II SMSBs Category III BCAR

19 Table 6 Proposed Liquidity Internal Audit Requirements INDUSTRY Liquidity Returns Filing Requirement Frequency Rationale INSURANCE Life, P&C, Mortgage Insurers N/A DTI D-SIBs LCR NSFR Comprehensive NCCF Within 90 days of fiscal year-end. Annual Liquidity returns including LAR ratios and NCCF/ OCFS, which are key measures of a FRFI’s liquidity adequacy should be subject to an internal audit to enhance governance and controls in institutions. The internal audit may be completed at any time during the fiscal year for submission within 90 days of the same year-end. SMSBs Category I LCR NSFR (for FRFIs with significant wholesale funding reliance) Comprehensive NCCF Within 90 days of fiscal year-end. Annual SMSBs Category II LCR Streamlined NCCF SMSBs Category III OCFS QUESTION 13 ALL STAKEHOLDERS Should any regulatory returns be added or excluded from the internal audit requirements? If so, please provide supporting rationale. QUESTION 14 ALL STAKEHOLDERS Are the proposed filing requirements/frequency for internal audits adequate? If not, please provide supporting rationale.

20 7 Process and Next Steps 7.1 With the proposals outlined above, OSFI aims to update and align enhanced assurance expectations given the increasing complexity of regulatory capital, leverage and liquidity returns. 7.2 Comments received in response to this discussion paper will be used to refine and finalize OSFI’s assurance expectations for insurance capital returns, and DTI capital, leverage and liquidity returns. OSFI is targeting the publication of a draft guideline for public consultation by Fall 2021. 7.3 OSFI is considering that the enhanced assurance expectations be effective fiscal 2022 for insurers as the proposals are enhancements to existing assurance expectations on capital returns, and fiscal 2023 for DTIs as the proposals introduce and formalize assurance expectations on capital, leverage and liquidity returns. QUESTION 15 ALL STAKEHOLDERS Are the proposed effective dates adequate? If not, please provide supporting rationale. QUESTION 16 ALL STAKEHOLDERS Are there any recommendations to the proposals which would address existing challenges, or better reflect the size, nature and complexity of FRFIs? QUESTION 17 ALL STAKEHOLDERS What other views/options should be considered by OSFI? 7.4 Interested parties may choose to respond to any or all questions, even if the question is not directed to them. Please identify the paragraph/question number for which a response is being submitted. In submitting a response to OSFI, it is acknowledged that OSFI may incorporate anonymized feedback in a published summary of consultation findings. OSFI may also invite stakeholders to participate in future discussions, on a bilateral basis or in a multi￾stakeholder forum. 7.5 Comments on the discussion paper and responses to the discussion questions are requested by June 18, 2021 and should be sent to Assurance@ osfi-bsif.gc.ca.

21 ANNEX 1 List of Discussion Questions QUESTION 1 EXTERNAL AUDITORS; FRFIs What are the existing external audit scope limitations under current audit requirements, if any, and how should such scope limitations be addressed? QUESTION 2 EXTERNAL AUDITORS Are the proposed audit requirements for the material risk components in both the ratio’s numerator and denominator feasible? If not, please provide supporting rationale. QUESTION 3 ALL STAKEHOLDERS How can greater assurance over regulatory returns be promoted going forward? QUESTION 4 ALL STAKEHOLDERS How should potential audit scope limitations be addressed going forward? QUESTION 5 ALL STAKEHOLDERS Should i) any regulatory ratios other than those listed in Tables 1 and 2, and/or ii) controls testing be added or excluded from the external audit requirements? If so, please provide supporting rationale. QUESTION 6 ALL STAKEHOLDERS Should external audits be obtained on non-public prudential measures (e.g. NCCF/OCFS) for D-SIBs and SMSBs, respectively? Please provide supporting rationale. QUESTION 7 ALL STAKEHOLDERS Are the proposed filing requirements/frequency for external audits adequate? If not, please provide supporting rationale. QUESTION 8 EXTERNAL AUDITORS What factors are currently considered when determining matters that are material to users of the LICAT, MCT and MICAT, and DTI capital and leverage ratio financial statement note disclosures? QUESTION 9 ALL STAKEHOLDERS What factors should be considered when determining matters that are material to users of key regulatory ratios?

22 List of Discussion Questions ANNEX 1 QUESTION 10 EXTERNAL AUDITORS What issues exist, if any, with submitting a summary of unadjusted errors to OSFI following the external audit of regulatory ratios? QUESTION 11 ALL STAKEHOLDERS Should any regulatory returns be added or excluded from the senior management attestation requirements? If so, please provide supporting rationale. QUESTION 12 ALL STAKEHOLDERS Are the proposed filing requirements/frequency for senior management attestations adequate? If not, please provide supporting rationale. QUESTION 13 ALL STAKEHOLDERS Should any regulatory returns be added or excluded from the internal audit requirements? If so, please provide supporting rationale. QUESTION 14 ALL STAKEHOLDERS Are the proposed filing requirements/frequency for internal audits adequate? If not, please provide supporting rationale. QUESTION 15 ALL STAKEHOLDERS Are the proposed effective dates adequate? If not, please provide supporting rationale. QUESTION 16 ALL STAKEHOLDERS Are there any recommendations to the proposals which would address existing challenges, or better reflect the size, nature and complexity of FRFIs? QUESTION 17 ALL STAKEHOLDERS What other views/options should be considered by OSFI?

23 ANNEX 2 Glossary - Acronyms BAAT Branch Adequacy of Assets Test BCAR Basel Capital Adequacy Reporting CAR Capital Adequacy Requirements D-SIB Domestic Systemically Important Bank DTI Deposit-taking Institution FRFI Federally Regulated Financial Institution IFRS International Financial Reporting Standards LAR Liquidity Adequacy Requirements LCR Liquidity Coverage Ratio LEFP Late and Erroneous Filing Penalty LICAT Life Insurance Capital Adequacy Test LIMAT Life Insurance Margin Adequacy Test LR Leverage Requirements LRR Leverage Requirements Return MCT Minimum Capital Test MICAT Mortgage Insurer Capital Adequacy Test NCCF Net Cumulative Cash Flow NSFR Net Stable Funding Ratio OCFS Operating Cash Flow Statement OSFI Office of the Superintendent of Financial Institutions P&C Property & Casualty SMSB Small and Medium-sized Deposit-taking Institution TLAC Total Loss Absorbing Capacity