Internal Control Certification

Boards should take a broad view of control to ensure that they provide oversight of all aspects of the control environment, and don’t focus just on internal control.

Starting with reporting periods ending on or after December 15, 2008, CEOs and CFOs of Canadian reporting issuers are now required to certify the operating effectiveness as well as the design of internal control over financial reporting. Since 2005 they have been required to certify the design and operating effectiveness of disclosure controls and procedures.

Although CSA National Instrument 52-109, "Certification of Disclosure in Issuers' Annual and Interim Filings," (NI 52-109) does not explicitly describe a role for the Board in the certification process, that does not mean that one does not exist nor that the board is without responsibilities in this area. For example, NI 52-109 requires CEOs and CFOs to disclose the conclusions of their reviews of disclosure controls and procedures and internal control over financial reporting in the MD&A, a document that must be reviewed and approved by the Board. Furthermore, the CSA's National Policy 58-201 "Corporate Governance Guidelines" states that "the board should adopt a written mandate in which it explicitly acknowledges responsibility for the stewardship of the issuer, including responsibility for the issuer's internal control and management information systems".

Dig Deeper