Amendments to Policy Statement to Regulation 52-108 respecting Auditor Oversight

AMENDMENTS TO POLICY STATEMENT TO REGULATION 52-108 RESPECTING AUDITOR OVERSIGHT

1. Policy Statement to Regulation 52-108 respecting Auditor Oversight is amended by adding, at the end, the following: “Section 7.1 – Definition of Component and Component Auditor The terms “component” and “component auditor” have the same meaning as “component” and “component auditor” in Canadian GAAS. As a result, the terms are interpreted in a manner consistent with how the terms are used in Canadian Auditing Standard 600 Special Considerations – Audits of Group Financial Statements (Including the Work of Component Auditors) (CAS 600). In CAS 600, the term “component” means an entity or business activity for which a group or component management prepares financial information that should be included in the group financial statements, and the term “component auditor” means an auditor who, at the request of the group engagement team, performs work on financial information related to a component for the group audit. “Section 7.1 – Definition of CPAB Access Agreement The Regulation does not prescribe the content to be included in a CPAB access agreement. It is not intended to be equivalent to a “participation agreement”. The terms and conditions set out in a CPAB access agreement, including the manner and conditions for when access is to be provided, will be agreed to by CPAB and the significant component auditor. “Section 7.1 – Definition of Significant Component Auditor A component controlled or jointly controlled by a reporting issuer The definition of significant component auditor refers to a component auditor that performs audit work involving financial information related to a component of a reporting issuer if the reporting issuer has the power to direct on its own or jointly with another person. Financial information related to a component that a reporting issuer does not have power to direct, at least jointly, is excluded from the definition. For example, under IFRS, a subsidiary or joint arrangement are captured by the reference noted above in the significant component auditor definition, whereas an investment that is accounted for using the equity method of accounting, or a variable interest entity that a reporting issuer does not have power to direct on its own or jointly with another person, is not captured. Determination of what constitutes an ‘audit hour’ or ‘audit fee’ The term ‘hours’ in this Regulation refers to ‘audit hours’ and is intended to include any hours that are billed in respect of a financial period as ‘audit fees’ or ‘audit-related fees’ (other than hours pertaining to the review of interim financial report), as those terms are described in Forms 52-110F1 Audit Committee Information Required in an AIF and 52-110F2 Disclosure by Venture Issuers (52-110 Forms). The term ‘fees’ in this Regulation is intended to include any fees that are billed in respect of a financial period as ‘audit fees’ or ‘audit-related fees’ (other than fees pertaining to the review of interim financial report), as those terms are described in the 52-110 Forms. Determination of percentage of audit hours spent by a component auditor on a financial statement audit Paragraph (a) in the definition of significant component auditor applies if the number of hours spent by the component auditor performing audit work in respect of the financial period is 20% or more of the total hours spent on the audit of the reporting issuer’s financial statements relating to that period. For example, if a reporting issuer audit took 100 hours to complete, and the reporting issuer’s auditor performed 80 hours of audit work, and the component auditor performed 20 hours of audit work, paragraph (a) of the definition would apply since the hours spent by the

2 component auditor would be 20% (20 hours / 100 hours) of the audit hours spent by the reporting issuer’s auditor. Determination of percentage of audit fees paid to a component auditor for the financial statement audit Paragraph (b) of the definition of significant component auditor applies if the amount of fees paid to the component auditor for audit work in respect of the financial period is 20% or more of the total fees paid for the audit of the reporting issuer’s financial statements relating to that period. For example, if a reporting issuer paid $100,000 for the audit of its financial statements, and $80,000 of the fee was paid to the reporting issuer’s auditor for its audit work, while $20,000 of the fee was paid to the component auditor for its audit work, paragraph (b) of the definition would apply since the percentage of fees paid to the component auditor would be 20% ($20,000 / $100,000). Determination of number of audit hours a component auditor spent on a significant component Subparagraph (c)(i) of the definition of significant component auditor applies if a reporting issuer has a component with assets that represent 20% or more of the reporting issuer’s consolidated assets at the end of the financial period, or revenues that represent 20% or more of the consolidated revenues for that financial period, and it has the power to direct the activities of the component on its own or jointly with another person. If subparagraph (c)(i) applies, subparagraph (c)(ii) of the definition would be considered. Subparagraph (c)(ii) of the definition of significant component auditor applies if the number of hours spent by the component auditor performing audit work in respect of the financial period exceeds 50% of the total hours spent on audit work relating to the component that meets the application requirements in subparagraph (c)(i) of the definition. For example, assume a reporting issuer has a subsidiary (Component A) that has revenues representing 30% of the consolidated revenues of the reporting issuer, and therefore satisfies subparagraph (c)(i) of the definition. If the audit of Component A took 10 hours to complete and the component auditor performed 6 hours of the audit work and the reporting issuer’s auditor performed 4 hours of the audit work, the work performed by the component auditor would satisfy subparagraph (c)(ii) of the definition. The component auditor would have performed 60% (6 hours / 10 hours) of the total hours to audit the component for the reporting issuer audit. The component auditor would therefore meet the definition of a significant component auditor. In the example above, the 6 hours of work performed by the component auditor would represent the amount of time spent to perform audit work in connection with the audit of the reporting issuer’s financial statements. If additional audit work was performed to support the completion of a separate audit engagement (e.g., the audit of the standalone financial statements of Component A), those audit hours would be excluded from the calculation in subparagraph (c)(ii). “Section 7.2 – Reporting Issuer to Permit Provision of Access Section 7.2 requires a reporting issuer to, on or before the date of the auditor’s report on the reporting issuer’s financial statements for a financial period, give notice in writing to the significant component auditor that the reporting issuer permits the significant component auditor to provide CPAB with access to the significant component auditor’s records relating to the audit work performed for those financial statements if that access is requested by CPAB. Effectively, this communication confirms to the significant component auditor that the reporting issuer has no objection with CPAB having access to any information about the reporting issuer that was retained as audit evidence to support the significant component auditor’s audit work. A reporting issuer can give notice to a significant component auditor to provide CPAB with access to inspect the significant component auditor’s records by communicating directly with the significant component auditor (e.g., a letter to the significant component auditor), or indirectly through the reporting issuer’s auditor (e.g., state in the engagement letter with the reporting issuer’s auditor that it shall inform in writing that all significant component auditors

3 involved in the audit that the reporting issuer is permitting them to provide CPAB with access to the records relating to the audit work they perform in connection with the reporting issuer’s audit). Regardless of whether the communication referred to in section 7.2 is received directly from the reporting issuer, or indirectly through the reporting issuer’s auditor, it is important that the reporting issuer’s auditor communicate to the significant component auditor the importance of the significant component auditor providing access to CPAB, and the implications for all involved if access is not voluntarily provided or a CPAB access agreement is not signed, since this could have a significant impact on future audits of the reporting issuer. “Subsection 7.3(1) and Subsection 7.4(1) – CPAB Access-limitation Notice and CPAB No-access Notice Both subsection 7.3(1) and subsection 7.4(1) of the Regulation require a participating audit firm to deliver a copy of a notice to the regulator, except in Québec, or securities regulatory authority. The securities regulatory authorities will consider the delivery requirement to be satisfied if a copy of the notice is sent to auditor.notice@acvm-csa.ca. The Regulation does not prescribe the content of a CPAB access-limitation notice and CPAB no-access notice. If a copy of a CPAB access-limitation notice or CPAB no-access notice is delivered to the email address identified above, the communication should identify each regulator or securities regulatory authority that is to receive a copy of the notice if such information is not specified in the notice. “Subsection 7.3(2) – Impact of a Significant Component Auditor Being Permitted to Enter into a CPAB Access Agreement If subsection 7.3(2) applies, the significant component auditor and CPAB would immediately begin the process of negotiating a CPAB access agreement. The negotiations should be completed in a reasonable period of time. “Section 7.4 – Impact of Participating Audit Firm Receiving a CPAB No-access Notice If a participating audit firm receives a CPAB no-access notice and was planning to use the public accounting firm named in the notice as a significant component auditor for an upcoming reporting issuer audit, it may continue to do so provided that the reporting issuer’s upcoming year end is not more than 180 days after the date of the notice. If a reporting issuer’s upcoming year end is more than 180 days after the date of the notice, the participating audit firm may not use the public accounting firm named in the notice as a significant component auditor for the reporting issuer’s upcoming year end unless CPAB has notified the participating audit firm that the named firm has entered into a CPAB access agreement in respect of the reporting issuer before the reporting issuer’s year end. The participating audit firm also must not use any other public accounting firm as a significant component auditor for the audit of the reporting issuer’s financial statements unless the other public accounting firm delivers a notice to the participating audit firm and CPAB at least 90 days before the issuance of an auditor’s report in respect of that audit stating that it has given an undertaking to CPAB or entered into a CPAB access agreement and, in addition, one or both of the following apply: ● the other public accounting firm gives an undertaking to CPAB in writing to provide CPAB with prompt access to its records relating to audit work performed on financial information related to the component of the reporting issuer, or ● the other public accounting firm has entered into a CPAB access agreement in respect of the reporting issuer. Participating audit firms should consider how they track the use of component auditors for their reporting issuer clients to meet the requirements of subsection 7.4(1) within the specified time period of 15 business days.”.