Language selection

Annex — Assessment of internal control over financial reporting for the fiscal year ended March 31, 2014

1. Introduction

This document is attached to the Office of the Commissioner of Lobbying Statement of Management Responsibility Including Internal Control Over Financial Reporting for the fiscal year 2013–14. As required by the Treasury Board Policy on Internal Control, this document provides summary information on the measures taken by the Office of the Commissioner of Lobbying (OCL) to maintain an effective system of internal control over financial reporting (ICFR). In particular, it provides summary information on the work performed by the OCL as at , including progress, results and related action plans along with some financial highlights pertinent to understanding the control environment unique to the OCL.

1.1 Authority, mandate and program activities

The Office of the Commissioner of Lobbying was established in 2008 under the Lobbying Act. The Commissioner of Lobbying is an Agent of Parliament and is responsible for the administration of the Lobbying Act. The legislation seeks to improve transparency and accountability regarding communications between lobbyists and federal public office holders and increase the confidence of Canadians in the integrity of government decision-making.

Detailed information on the OCL's authority, mandate and programs can be found in its Departmental Performance Report and Report on Plans and Priorities.

1.2 Financial highlights

Key financial information for 2013–14 is discussed below. Additional information can be found in the OCL's Financial Statements.  Information can also be found in the Public Accounts of Canada.

  • Total expenses were $5.4 M. Salaries and employee benefits comprise the majority (61% or $3.3 M for 27 employees) followed by professional and special services (21% or $1.1 M).
  • Tangible capital assets comprise 72% of OCL's total assets ($1.4 M).
  • Employee future benefits comprise 37% of total liabilities ($0.8 M) followed by accounts payable and accrued liabilities (47.5%).
  • The OCL utilizes the GX financial system.

1.3 Service arrangements relevant to financial statements

The OCL relies on other organizations to process various transactions that are recorded in its financial statements:

  • Public Works and Government Services Canada (PWGSC) centrally administers the payment of salaries and the procurement of some goods and services, and provides cheque-issuing services as well as accommodation.
  • Treasury Board of Canada Secretariat (TBS) provides information used to calculate various accruals and allowances, such as the employer's contribution to the health and dental insurance plans.
  • The Office of the Auditor General provides audit services to OCL.
  • The OCL obtains accounting and pay administration services through a shared services agreement with the Canadian Human Rights Commission (CHRC). The accounting services include the posting of expenses to the financial system, the quality assurance and payment of accounts, monthly and year-end general ledger (GL) accounts reconciliation and the preparation of OCL's financial statements.

1.4 Material changes in 2013–14

No significant changes that are relevant to the financial statements occurred in 2013–14.

2. OCL's control environment relevant to ICFR

The OCL is a small entity with low risk associated with its system of internal control. It recognizes the importance of senior management leadership in ensuring that staff at all levels understand their role in maintaining effective systems of ICFR and are well equipped to exercise these responsibilities effectively. The OCL's focus is to ensure risks are well managed through a responsive and risk-based control environment that enables continuous improvement and innovation.

2.1 Key positions, roles and responsibilities

Below are the OCL's key positions and committees with responsibilities for maintaining and reviewing the effectiveness of its system of ICFR.

Commissioner (deputy head): As the Accounting Officer, the Commissioner assumes overall responsibility and leadership for the measures taken to maintain an effective system of internal control. In this role, the Commissioner chairs the Executive Management Committee and is a member of the Audit and Evaluation Committee.

Deputy Commissioner and Chief Financial Officer: The Deputy Commissioner and Chief Financial Officer is responsible for integrated strategic and operational planning, including the coordination and implementation of performance measurement, risk management, and human resources management. The Deputy Commissioner also provides strategic policy and communications advice, and coordinates all outreach activities. Financial and administrative services for the organization are handled by this office, which also works to address all corporate needs relating to security, facilities management and workplace safety.

The duties of the Chief Financial Officer were transferred to the Deputy Commissioner in September 2013. In that capacity, the Deputy Commissioner and Chief Financial Officer provides leadership for the coordination, coherence and focus on the design and maintenance of an effective and integrated system of ICFR, including its annual review and assessment.

It is not practical for OCL to have a full-time Chief Audit Executive, due to the organization's size, risk profile and resources. For this reason, the function is performed by the Deputy Commissioner and Chief Financial Officer who assumes administrative responsibility for the internal audit function. Given the size of the organization and limited resources, the OCL must supplement its internal audit capacity by outsourcing most of its internal audit services.

Director of Finance and Deputy Chief Financial Officer: Under the supervision of the Deputy Commissioner and Chief Financial Officer, the Director of Finance is responsible for the development, implementation and maintenance of the financial and accounting control regime for the OCL. The position is also responsible for the management of the organization's financial planning and reporting, accounting and contracting activities. It provides support to the internal audit function, and expert financial advice and recommendations to the Deputy Commissioner and Chief Financial Officer.

Executive Management Committee (EMC): This Committee is the senior decision-making body at OCL. The Committee is chaired by the Commissioner and its membership also includes the Deputy Commissioner and Chief Financial Officer, the two directors, the Senior Legal Counsel.

The primary purpose of EMC is to establish and oversee the Office's strategic policy and management direction. It provides a forum to consider decisions on policy, administrative practices and management issues and ensures that the Commissioner is strategically prepared to provide direction on the Office's key activities, in order to help her fulfill her mandate. EMC supports the Commissioner in making strategic decisions on key policy and operational planning issues, ensures integration of cross-cutting decisions and addresses items impacting on the Office's business. It specifically provides advice to the Commissioner and supports the oversight function with respect to business planning, finance, human resources, information technology, information management, official languages, outreach activities and workplace health and safety, as well as advises the Commissioner on resource allocation prior to making decision.

Audit and Evaluation Committee (AEC): The AEC provides the Commissioner with independent and objective advice on internal audit, program evaluation, risk management, control framework and reporting practices. It consists of three external members and the Commissioner, as an ex-officio member. The committee reviews the Corporate Risk Profile, OCL's financial statements and its system of internal controls, including internal audit reports, and the assessments and action plans related to the system of ICFR. The AEC meets with the OAG to receive the results of their annual audit of the OCL financial statements. It also reviews other accountability reports, such as the RPP and the DPR, and draft internal audit reports. The committee presents its observations in a report annually to the Commissioner.

2.2 Key measures taken by the OCL

The OCL has a comprehensive internal control framework for financial management that is aligned with the federal government's expenditure management process. The OCL's funding is controlled through a budgeting and commitment control process in its integrated financial system. Expenditures are approved at the initiation, commitment, contracting, performance certification and payment approval stages. Financial results are monitored through a monthly financial reporting process, and validated by management.

The OCL's control environment also includes measures and structures to equip staff to be able to manage risks well, through raising awareness, providing appropriate knowledge and tools and developing skills. Key measures include:

  • Governance structure and strategic direction through the Executive Management Committee (EMC) and supported by the Audit and Evaluation Committee;
  • Regular reporting of financial performance to the EMC;
  • Financial policies tailored to the OCL's control environment and requirements of the Policy on Internal Control;
  • Periodic review and update of the Delegation of Financial Signing Authorities Instrument;
  • Documentation of key financial processes and related key risk and control points to support the management and oversight of the OCL's system of ICFR;
  • Preparation of a multi-year risk-based internal audit plan;
  • Preparation and implementation of management actions plans in response to observations and recommendations made during the review of the effectiveness of controls.

3. Assessment of OCL's system of ICFR

3.1 Assessment baseline

The OCL maintains an effective system of ICFR with the objective to provide reasonable assurance that:

  • Transactions are appropriately authorized;
  • Financial records are properly maintained;
  • Assets are safeguarded; and,
  • Applicable laws, regulations and policies are complied with.

Over time, this includes assessment of design and operating effectiveness of the system of ICFR leading to ensuring the ongoing monitoring and continuous improvement of the system of ICFR.

Design effectiveness means to ensure that key control points are identified, documented, in place and that they are aligned with the risks (i.e. controls are balanced with and appropriate to the risks they aim to mitigate) and that any remediation is addressed. This includes the mapping of key processes and IT systems to the main accounts by location as applicable.

Operating effectiveness means that the application of key controls has been tested over a defined period and that any required remediation is addressed.

Such testing covers all departmental control levels which include corporate or entity, general computer and business process controls.

The maintenance of an effective system of ICFR is an ongoing process designed to identify, assess effectiveness and adjust as required key risks and associated key controls, as well as to monitor its performance in support of continuous improvement. As a result, the scope, pace and status of those assessments of the effectiveness of their system of ICFR are based on risks and take into account the size of the organization.

3.2 Assessment method at the OCL

In 2013–14, the OCL proceeded with the documentation and review of its internal financial controls in an effort to comply with the Treasury Board Policy on Internal Control and to ensure that controls in place were sound and provided reasonable assurance that financial operations were conducted in compliance with regulations and applicable policies and directives.

The OCL has documented the following significant processes and controls: salary expenditures, procurement and payment to suppliers, acquisition cards, business travel cards, financial delegation, hospitality expenditures, travel expenditures, petty cash, asset management, and cellular phones and other wireless devices.

The preparation of the internal controls documentation consisted of conducting interviews and walking through the processes with various stakeholders. Narrative descriptions and flowcharts of individual processes were prepared, and the processes in place were compared to TB and OCL policies and directives.

As a small organization, the OCL acquires some of its internal services through Memoranda of Understanding for information technology, human resources and financial services from other government departments. Where the OCL relies on these other government departments, they are responsible for the self-assessment of their internal controls.

4. Assessment results

The preparation of internal controls documentation and subsequent assessment of the efficiency of controls is part of a continuous improvement process that will allow the OCL to implement healthy financial management practices.

The internal audit conducted in 2011–12 found that senior management exhibits a strong commitment to internal controls. Subject to the exceptions noted in the report, the documentation in the audited transaction files was complete, approved at the appropriate levels of authority, and in compliance with Treasury Board and OCL policies and directives. The control framework is built on a sound foundation, including appropriate policies and directives, as well as effective monitoring and management oversight practices. The audit results demonstrate that OCL's internal controls over financial reporting are working well, even if minor improvements were required in some areas. An action plan was developed to strengthen the areas that needed improvements. The recommendations that resulted from this audit can be found at the Audit of Internal Controls Over Financial Reporting For Selected Expenditures page.

In 2013–14, it will be the second year that the OCL had its financial statements audited by the Office of the Auditor General (OAG). The comparative information presented in the financial statements for the year ended is audited.

Based on the audit work performed, the OAG's auditors have not identified opportunities for changes in procedures that would improve the systems of internal control, streamline operations, and/or enhance financial reporting practices.  The OCL has received an unqualified opinion on its financial statements.

5. Action plan

5.1 Progress as at

During 2013–14, the OCL has continued to make progress in improving its key controls, as summarized below:

  • Completed the implementation of its action plan based on the findings and recommendations of the audit of internal controls over financial reporting for selected expenditures;
  • Modified the Delegation of Financial Signing Authorities instrument to reflect recent changes to the TB policy instrument;
  • Prepared an Integrated Business Plan, that includes a detailed human resource plan.
  • Updated the OCL Corporate Risk Profile;
  • Updated the Multi-Year Internal Audit Plan; and,
  • Drafted a Values and Ethics Code.

In order to meet the required competencies to strengthen the capacity in the area of financial analysis and program evaluation, the OCL realigned some of its internal services function in 2013–14. Consequently, the internal control documentation has been reviewed and revised, where required, to ensure that the roles and responsibilities are properly reflected and consistent with the realignment.

5.2 Action plan for the next fiscal year and subsequent years

In fiscal year 2014–15, the OCL will continue to strengthen its management accountability framework, including planning and reporting instruments such as Performance Measurement Framework. Preparatory work will be undertaken in advance of the evaluation of OCL's Education and Research Program, which is scheduled for 2015–16.

Building on the progress to date, the OCL is positioned to complete the documentation with regard to its entity level control and general IT level control. Work will continue to develop an assessment plan for the design and operational effectiveness, as well as an ongoing monitoring plan based on risk.

Senior management is committed to sustaining and continuously improving its sound framework of effective ICFR, including carrying out ongoing monitoring to ensure that the key controls meet the expectations of management and stakeholders, and appropriately mitigate associated risks. As part of the multi-year audit plan we are scheduling an audit of the procurement and contracting management practices in 2014–15.

Summary table to highlight progress and future plans
  Documentation Design Effectiveness Operating Effectiveness
Entity Level Controls 2014–15 Future years Future years
Information Technology General Controls 2014–15 Future years Future years
Business Process Controls:
Salary Expenditures Completed Completed Completed
Procurement and Payment to Suppliers Completed Completed 2014–15
Acquisition Cards Completed Completed 2014–15
Business Travel Cards Completed Completed Completed
Financial Delegation Completed Completed Completed
Hospitality Expenditures Completed Completed Completed
Travel Expenditures Completed Completed Completed
Petty Cash Completed Completed Completed
Asset Management Completed Completed Completed
Cellular Phones and Other Wireless Devices Completed Completed Completed
Monitoring Plan based on risk 2014–15 2014–15 Future years
Report a problem on this page
Please select all that apply:
Date modified: