2021 Reports of the Auditor General of Canada to the Parliament of CanadaReport of the Joint Auditors to the Board of Directors of the Public Sector Pension Investment Board—Special Examination Report—2021
Independent Auditors’ Report
Table of Contents
- Audit Summary
- Introduction
- Findings, Recommendations, and Responses
- Conclusion
- Subsequent Event
- About the Audit
- List of Recommendations
- Exhibits:
- 1—Asset classes under management, as of 31 March 2020 ($ billions)
- 2—Public Sector Pension Investment Board growth since 2010–11
- 3—The corporation has a risk management framework
- 4—The corporation has both investment and non-investment risks
- 5—Corporate governance—Key findings and assessment
- 6—Strategic planning—Key findings and assessment
- 7—Corporate risk management—Key findings and assessment
- 8—Investments and operations management—Key findings and assessment
Audit Summary
We found no significant deficiencies in the corporate management practices or management of investments and operations of the Public Sector Pension Investment Board during the period covered by the audit. Though we identified areas for improvement, the corporation generally maintained reasonable systems and practices for accomplishing its mandate.
Introduction
Background
1. The Public Sector Pension Investment Board is a Crown corporation created in 1999 under the Public Sector Pension Investment Board Act. It invests and manages contributions from the pension plans of the public service, the Canadian Armed Forces, the Royal Canadian Mounted Police (RCMP), and the Reserve Force. As outlined in the Public Sector Pension Investment Board Act, the corporation is responsible for
- managing the contributions that are transferred to it from the pension plans in the best interests of the contributors and beneficiaries
- investing its assets with a view to achieving a maximum rate of return, without undue risk of loss, considering the funding, policies, and requirements of the pension plans and the ability of those plans to meet their financial obligations
2. The Treasury Board of Canada Secretariat oversees the government’s relationship with the corporation. In the 2018–19 fiscal year, the secretariat worked with the corporation and other pension plan stakeholders to implement a funding policy that aligned with the government’s funding risk tolerance. The secretariat also created the Asset Liability Committee, which included departmental officials representing each of the plans, and other significant stakeholders, including officials of the corporation. This committee provides a forum for the review and discussion of the funding risks, and supports the secretariat’s role in ensuring that these risks remain within the established funding levels. During our audit, the secretariat communicated the government’s funding risk tolerance and long-term real rate-of-return objective for the pension assets that the corporation managed.
3. To develop its investment portfolio and investment management strategies, the corporation uses the government’s funding risk tolerance level, long-term real rate-of-return objective, and inflation expectations. In the 2019–20 fiscal year, the government’s real rate-of-return objective was 3.6% for the following 10 years and 4.0% thereafter. The corporation’s objective is to establish a long-term investment strategy that achieves an expected real rate of return that is at least equal to the government’s rate-of-return objective, without assuming undue risk of loss. The corporation developed an actively managed investment portfolio aimed at outperforming, at a lower or equal level of pension funding risk, a passively managed portfolio over a 10‑year period.
4. As of 31 March 2020, the total fund 1‑year net portfolio returnDefinition 1 was −0.6%. This rate of return was affected by the market conditions brought about by the coronavirus disease (COVID‑19) pandemic. The 5‑year and 10‑year net annualized returnsDefinition 2 were 5.8% and 8.5% respectively.
5. The corporation is one of Canada’s largest pension investment managers. As of 31 March 2020, it was managing $169.8 billion in assets. These assets were invested in 6 asset classes (Exhibit 1), in more than 100 sectors and industries across 85 countries. The corporation also held investments in 147 subsidiaries around the world, including 6 wholly owned operating subsidiaries. The subsidiaries are companies the corporation controls as part of its investment portfolio.
Exhibit 1—Asset classes under management, as of 31 March 2020 ($ billions)
Source: Adapted from the Public Sector Pension Investment Board’s website
Exhibit 1—text version
This pie chart shows, in billions of dollars, the asset classes of the corporation’s investments, which totalled $169.8 billion as of 31 March 2020.
The largest of these asset classes is Public Markets and Absolute Return Strategies, which includes public market equities and government fixed income, and amounted to $81.1 billion.
From largest to smallest, the asset classes in order of the amounts invested were as follows: Private Equity, amounting to $24.0 billion; Real Estate, amounting to $23.8 billion; Infrastructure, amounting to $18.3 billion; Credit Investments, amounting to $13.3 billion; and Natural Resources, amounting to $7.6 billion. All other asset classes amounted to $1.7 billion.
6. The corporation has 888 employees in 5 offices around the world. Its head office is in Ottawa, while its main business offices are in Montréal, New York, London, and Hong Kong. The offices in New York, London, and Hong Kong opened in the past 5 years. The corporation has grown significantly since our last special examination in 2011, particularly over the past 5 years (Exhibit 2).
Exhibit 2—Public Sector Pension Investment Board growth since 2010–11
Source: Adapted from the Public Sector Pension Investment Board’s website
Exhibit 2—text version
This combined bar chart and line graph shows the growth in the corporation’s assets under management since the 2010–11 fiscal year and the number of employees for the 6 fiscal years leading up to the 2019–20 fiscal year.
The corporation’s assets under management grew steadily, with increases every fiscal year, from $58 billion in 2010–11 to $169.8 billion in 2019–20.
The number of employees grew steadily too, with increases every fiscal year, from 500 in 2013–14 to 888 in 2019–20.
The following table lists for each fiscal year the value of the corporation’s assets under management and its number of employees.
| Fiscal year | Assets under management (in billions of dollars) |
Number of employees |
|---|---|---|
| 2010–11 | 58 | not recorded |
| 2011–12 | 64.5 | not recorded |
| 2012–13 | 76.1 | not recorded |
| 2013–14 | 93.7 | 500 |
| 2014–15 | 112 | 570 |
| 2015–16 | 116.8 | 642 |
| 2016–17 | 135.6 | 725 |
| 2017–18 | 153 | 807 |
| 2018–19 | 168 | 844 |
| 2019–20 | 169.8 | 888 |
7. In the 2020–21 fiscal year, after the implementation of the Funding Policy for the Public Sector Pension Plans, the Treasury Board of Canada Secretariat communicated to the corporation the government’s funding risk tolerance by providing a portfolio breakdown of investment types (equity and fixed income) in line with this funding risk tolerance level. This practice replaced the communication of a long-term real rate-of-return objective.
Focus of the audit
8. Our objective for this audit was to determine whether the systems and practices we selected for examination at the Public Sector Pension Investment Board were providing the corporation with reasonable assurance that its assets were safeguarded and controlled, its resources were managed economically and efficiently, and its operations were carried out effectively, as required by section 138 of the Financial Administration Act.
9. In addition, section 139 of the Financial Administration Act requires that we state an opinion, with respect to the criteria established, on whether there was reasonable assurance that there were no significant deficiencies in the systems and practices we examined. We define and report significant deficiencies when, in our opinion, the corporation could be prevented from having reasonable assurance that its assets are safeguarded and controlled, its resources are managed economically and efficiently, and its operations are carried out effectively.
10. On the basis of our risk assessment, we selected systems and practices in the following areas:
The selected systems and practices, and the criteria used to assess them, are found in the exhibits throughout the report.
11. More details about the audit objective, scope, approach, and sources of criteria are in About the Audit at the end of this report.
Findings, Recommendations, and Responses
Corporate management practices
The corporation had good corporate management practices in some areas and opportunities for improvement in others
12. We found that the corporation had good corporate management practices. However, improvements were needed in performance measurement, performance monitoring and reporting, risk mitigation, and risk monitoring and reporting.
13. The analysis supporting this finding discusses the following topics:
14. For additional information, see Subsequent Event at the end of the report.
15. The corporation is governed by a Board of Directors composed of 11 members, including the Chair, who are appointed by the Governor in CouncilDefinition 3 upon recommendation from the President of the Treasury Board.
16. The board oversees the corporation and is accountable to Parliament for the fulfillment of its duties. It reports through the President of the Treasury Board, as well as the ministers of National Defence and of Public Safety and Emergency Preparedness, in fulfilling its duties as pension investment manager.
17. The board is supported by an Investment and Risk Committee, Audit Committee, Governance Committee, and Human Resources and Compensation Committee.
18. The corporation is exempt from certain sections of Part X of the Financial Administration Act. As a result, it does not have to submit an annual corporate plan or an operating and capital budget for government approval.
19. To achieve its mandate, the corporation sets out strategic objectives in its strategic plan. It also develops performance indicators to measure its progress toward these objectives. Performance indicators are a means of measuring an output or outcome, to gauge the performance of a program, policy, or initiative. Along with the indicators, the corporation uses targets to specify the success levels or goals it must reach to achieve strategic objectives. For the 2016–21 period, the corporation identified 5 strategic objectives:
- Cultivate One public sector pensionPSP (encourage a total fund view across the corporation)
- improve its brand both locally and internationally
- increase its global footprint
- increase scalability and efficiency
- develop its people
At the time of our audit, the corporation was developing its 2021–26 strategic plan.
20. The corporation uses a risk management framework (Exhibit 3) that includes risk governance, a risk appetite statement, risk management and related policies, and risk identification and assessment:
- Risk governance refers to processes by which decisions about risks are made and implemented.
- A risk appetite statement specifies the level and types of risk that a corporation is willing to take to meet its strategic objectives. It sets the basic goals, parameters, and limits for the risks an organization is assuming. At the corporation, the board reviews and approves the risk appetite statement annually.
- Risk management policies outline the guiding principles governing a corporation’s overall values and approach to managing risk. The corporation uses risk management policies to mitigate investment and non-investment risks (Exhibit 4).
- Risk identification and assessment refers to the process in which risks are identified, categorized, and assessed, on the basis of their potential impact and likelihood of occurrence. The corporation conducts an annual, enterprise-wide risk and control self-assessment exercise to identify and evaluate significant risks, and assess the effectiveness of its risk mitigation activities. This exercise supports the corporation’s business planning process and ensures that risks are factored into its overall strategy. The board participates in this process through an annual risk-identification survey.
Exhibit 3—The corporation has a risk management framework
Source: Public Sector Pension Investment Board 2020 annual report
Exhibit 3—text version
This pyramid-shaped chart shows the 4 levels of the corporation’s risk management framework and the shared risk culture, which includes all 4 levels.
The top level is risk governance.
The second-highest level is the risk appetite statement, which outlines the appetite for, attitude to, and tolerances for risk.
The third-highest level is risk management and related policies. These include 6 subcategories: the Statement of Investment Policies, Standards and Procedures; the Enterprise Risk Management Policy; the Investment Risk Management Policy; the Operational Risk Management Policy; the Leverage Policy; and the Responsible Investment Policy.
The base level of the pyramid is risk identification and assessment, which includes an annual risk and control self-assessment exercise.
Exhibit 4—The corporation has both investment and non-investment risks
| Investment risks | Non-investment risks |
|---|---|
|
|
Source: Public Sector Pension Investment Board 2020 annual report
21. Our recommendations in this area of examination appear at paragraphs 26, 32, 33, 34, and 37.
22. Analysis. We found that the corporation had good systems and practices for corporate governance (Exhibit 5).
Exhibit 5—Corporate governance—Key findings and assessment
| Systems and practices | Criteria used | Key findings | Assessment against the criteria |
|---|---|---|---|
|
Board independence |
The board functioned independently. |
The board functioned independently from management when making decisions. The corporation established processes for board members to declare real, potential, or apparent conflicts of interest. |
 |
|
Providing strategic direction |
The board provided strategic direction. |
The board provided strategic direction to management that aligned with the corporation’s mandate and strategic plan. The direction also aligned with the government’s funding risk tolerance level and long-term rate-of-return objective. The board set objectives for the President and Chief Executive Officer and assessed his performance. This activity aligned with the corporation’s strategic direction. The corporation had regular communication with its stakeholders and shareholders, which helped the board provide strategic direction to the corporation. |
|
|
Board appointments and competencies |
The board collectively had the capacity and competencies to fulfill its responsibilities. |
The board determined the skills and expertise it needed to be effective. The board communicated its needs for member appointments to the responsible minister. The corporation provided new board members with orientation sessions and training material. The board was composed of 11 members with staggered terms. Four of them had expired terms; however, they planned to remain on the board until they were replaced. For additional information, see Subsequent Event at the end of the report. |
|
|
Board oversight |
The board carried out its oversight role over the corporation. |
The board’s governance structure reflected the nature and complexity of the corporation’s business and responsibilities. The board made decisions, requested and challenged information, offered direction, and followed up on management actions. The board annually evaluated its performance and the performance of its committees. The corporation’s internal audit department provided an independent, objective view on risk and internal controls. This activity supported the board’s oversight. The board reviewed information related to the governance of the corporation’s subsidiaries and their performance. Internal audits on the governance of the subsidiaries were performed at an appropriate frequency. |
|
|
Legend—Assessment against the criteria 
Met the criteria 
Met the criteria, with improvement needed 
Did not meet the criteria |
|||
23. Analysis. We found that the corporation had good systems and practices for strategic planning. However, improvements were needed in performance measurement and in performance monitoring and reporting (Exhibit 6).
Exhibit 6—Strategic planning—Key findings and assessment
| Systems and practices | Criteria used | Key findings | Assessment against the criteria |
|---|---|---|---|
|
Strategic planning processes |
The corporation established a strategic plan and strategic objectives that were aligned with its mandate. |
The corporation developed a 2016–21 strategic plan and an annual corporate plan. The plans included the corporation’s strategic objectives, which aligned with its mandate. In developing its strategic objectives, the corporation considered the government’s priorities, rate-of-return objective, funding policy, and long-term trends. It also considered the internal and external environments, and the corporation’s strengths, weaknesses, and significant risks. The President and Chief Executive Officer’s and senior management’s performance objectives and performance appraisals aligned with the corporation’s strategic objectives. The corporation’s performance management and compensation framework supported its long-term strategic objectives and prudent risk taking. The corporation developed a new information technology strategy that addressed future information technology needs and the corporation’s strategic objectives. |
|
|
Performance measurement |
The corporation established performance indicators in support of achieving strategic objectives. |
The corporation had a systematic performance measurement process and established performance indicators to assess its progress toward strategic objectives. Weakness Some of the corporation’s non-investment performance indicators did not have specific targets for measuring the achievement of the strategic objectives. |
 |
|
Performance monitoring and reporting |
The corporation monitored and reported on progress in achieving its strategic objectives. |
The corporation established a process to monitor progress toward its strategic objectives. The corporation reported on many performance indicators to stakeholders, including the public. The corporation monitored and reported quarterly to senior management and the board on its progress in implementing the strategic initiatives. Weakness The corporation did not consistently report to the board on some of its non-investment performance indicators and on progress toward its targets. |
|
|
Legend—Assessment against the criteria
Met the criteria
Met the criteria, with improvement needed
Did not meet the criteria |
|||
24. Weaknesses—Performance measurement, monitoring, and reporting. In our 2011 special examination report, we noted that the corporation had reported on the execution of tasks, rather than on outcomes. In the current audit, we found that the corporation had improved in this area. It established performance indicators for its 2016–21 strategic objectives. It also monitored and reported on the completion of strategic initiatives, and on its performance indicators and targets related to investment management. However, we found that some of its non-investment performance indicators did not have specific targets. We also found that the corporation did not report on all of its non-investment performance indicators consistently to the board. For example:
- For the strategic objective related to branding itself as a global pension investment manager, the corporation had performance indicators, but no specific targets to measure whether the objective would be achieved.
- For the strategic objective related to talent and the prioritization of inclusion and diversity, the corporation had performance indicators, but no specific targets to measure whether the objective would be achieved.
25. This weakness matters because monitoring progress against performance indicators and targets would help the corporation assess its progress toward its strategic objectives. Without this information, it cannot take timely action if it is at risk of not achieving them. The weakness also matters because if the corporation does not consistently report on all its performance indicators and targets, the board cannot fully monitor its performance.
26. Recommendation. The corporation should ensure that its strategic objectives are supported by performance indicators with targets that are specific and measurable. It should also regularly and consistently monitor and report on its performance against these indicators.
The corporation’s response. Agreed. In support of its next 5‑year strategic plan, the corporation is developing performance indicators to monitor the achievement of its strategic objectives. In the course of the 2021–22 fiscal year, the corporation will set targets for the indicators and will regularly monitor and report on progress against these indicators. The corporation will complete these by the end of 2021–22.
27. Analysis. We found that while the corporation had good systems and practices for corporate risk management, improvements were needed in some areas (Exhibit 7).
Exhibit 7—Corporate risk management—Key findings and assessment
| Systems and practices | Criteria used | Key findings | Assessment against the criteria |
|---|---|---|---|
|
Risk identification and assessment |
The corporation identified and assessed risks to achieve strategic objectives. |
The corporation had a systematic risk management process in place. The corporation identified and assessed its significant risks through its risk and control self-assessment process and involved all departments in this process. The corporation identified, assessed, monitored, and reported on the risk of fraud, wrongdoing, and insider trading. The corporation established risk assessment practices for information technology systems and information assets. |
|
|
Risk mitigation |
The corporation defined and implemented risk mitigation measures. |
The corporation defined risk mitigation measures and assigned owners in the annual Risk and Control Self-Assessment Report. The corporation had a risk appetite statement, approved by the board, for significant investment and non-investment risks. The corporation’s Compliance Department developed a compliance methodology. This department oversaw how the corporation complied with the laws and regulations of the jurisdictions it operated in. The corporation established risk mitigation measures for information technology systems and information assets, and took action to ensure that they were safeguarded. Weaknesses In its risk appetite statement, the corporation did not establish risk appetite metrics, thresholds, or limits for some significant non-investment risks. The corporation had not fully implemented a risk-based compliance program. The corporation had a model validation procedure but it did not include a model risk assessment methodology and other model risk management procedures. |
|
|
Risk monitoring and reporting |
The corporation monitored and reported on the implementation of risk mitigation measures. |
The corporation provided risk management reports to senior management and the board quarterly. The corporation established risk monitoring practices for information technology systems and information assets to ensure they were safeguarded. The Compliance Department provided periodic reports to the board on the status of the corporation’s compliance with laws and regulations. Weaknesses The corporation provided the Risk and Control Self-Assessment Report to senior management and the board only once a year. This report did not include timelines and deliverables for every mitigation measure. It also did not consistently include an update on the corporation’s progress on implementing risk mitigation measures. |
|
|
Investment risk management |
The corporation had risk management processes, methodologies, models, and tools in place to support identification, measurement, monitoring, and reporting of risks inherent to investment activities. |
The corporation defined investment risk governance and management processes, and separated investment risk management duties and oversight appropriately. The corporation had investment risk management policies that aligned with its strategic direction and risk appetite. The corporation documented and regularly reviewed its valuation and investment risk measurement methodologies, assumptions, and models. Investment risk information, including exceptions and escalations, was reported on a timely basis to senior management and quarterly to the board. The corporation performed regular and ad hoc scenario analyses and stress tests, and analyzed and reported the results. |
|
|
Legend—Assessment against the criteria
Met the criteria
Met the criteria, with improvement needed
Did not meet the criteria |
|||
28. Weaknesses—Risk mitigation. In our 2011 special examination report, we found that the corporation had not defined its risk tolerance for non-investment risks. We found that during this audit period, the corporation had improved in this area. It established a board-approved risk appetite statement to set risk appetite for investment and non-investment risks. It also set risk appetite metrics, with thresholds or limits, for its investment risks. However, as also noted in a 2019 internal audit report, it did not set metrics and thresholds or limits, when applicable, for some of its significant non-investment risks. The thresholds or limits would set the degree of risk that the corporation is prepared to accept in pursuing its objectives. Because it did not set these parameters, management was left to make decisions without clear guidance on how much risk the corporation would accept before responding with mitigation measures.
29. We also found that the corporation had not fully implemented a risk-based compliance program. At the time of our audit, it was in the process of completing compliance risk assessments, using a risk-based approach that would evaluate how its business units were complying with the regulations relevant to its operations.
30. The corporation used models for valuing financial instruments and measuring risk. It adopted a model validation procedure that assessed models as critical or non-critical, and set requirements for model documentation, validation, and oversight. However, as also noted in a 2019 internal audit report, the model validation procedure did not outline a methodology for model risk assessment, or procedures for model development, ownership, maintenance, independent validation, monitoring, or reporting.
31. These weaknesses matter because without risk appetite thresholds and limits for significant non-investment risks, the corporation cannot ensure that its decision making aligns with the board-approved risk appetite statement. Furthermore, completing compliance risk assessments for laws and regulations relevant to its operations would ensure that the corporation does not inadvertently contravene a law or regulation, exposing it to financial and reputational risk. Finally, a complete model risk validation procedure would provide consistency in model governance and model risk management activities. This would also allow the corporation to communicate its expectations of model risk management throughout all its departments.
32. Recommendation. The corporation should set risk appetite metrics and thresholds or limits for significant non-investment risks.
The corporation’s response. Agreed. The corporation is establishing tolerances or thresholds for non-investment risks, as an initiative to provide additional assurance on its management and monitoring of key non-investment risks for management and the board, as appropriate. The corporation will identify the appropriate tolerances or thresholds for the significant non-investment risks, recognizing that these may in some cases be best expressed qualitatively. The corporation will complete these matters by the end of the 2021–22 fiscal year.
33. Recommendation. The corporation should complete compliance risk assessments, using a risk-based approach, to evaluate its adherence to the regulations relevant to its operations.
The corporation’s response. Agreed. The corporation intends to continue to complete compliance risk assessments of its business units in accordance with its internal schedule and before the end of the 2021–22 fiscal year.
34. Recommendation. The corporation should develop and apply, enterprise-wide, a model risk management framework comprising model governance, a model risk assessment methodology, a model validation methodology, and model risk management activities. The corporation could leverage and expand its current model validation procedure to develop this framework.
The corporation’s response. Agreed. During the 2020–21 fiscal year, the corporation reviewed and enhanced its model governance framework with an emphasis on the framework ownership, roles and responsibilities, and scope of the framework—including model definition, model inventory and materiality assessment linked to the review cycle, model documentation, and validation requirements. In 2021–22, the corporation will determine priority areas to expand the application of the framework, based on materiality.
35. Weakness—Risk monitoring and reporting. The corporation provided risk monitoring information to senior management and the board through its Enterprise Risk Management Quarterly Report and the Risk and Control Self-Assessment Report. The latter report described the corporation’s significant investment and non-investment risks, and identified mitigation measures for each of them. However, the corporation provided this report only once a year and did not include timelines and deliverables for every mitigation measure. The report also did not consistently include updates of the corporation’s progress toward implementing those measures.
36. This weakness matters because without timelines and deliverables for each mitigation measure, the corporation cannot effectively track its progress toward implementing them. Also, without regular reporting to the board on risk mitigation measures, the board cannot effectively monitor the corporation’s progress in implementing these measures.
37. Recommendation. The corporation should continue to enhance its reporting to the board on implementation of mitigation measures, to identify clear timelines and deliverables, and provide a periodic update on progress and completion as part of its risk and control self-assessment process.
The corporation’s response. Agreed. The corporation prioritizes the continued enhancement of its reporting to the board, to ensure that the information is effective, streamlined, and appropriate. The corporation will consider augmenting its periodic board updates with regard to progress and completion of key mitigation measures, where relevant. The corporation will complete these matters by the end of the 2021–22 fiscal year.
Investments and operations management
The corporation had good practices for investments and operations management
38. We found that the corporation had good systems and practices for managing its investments and operations.
39. The analysis supporting this finding discusses the following topic:
40. The corporation’s business units and departments manage its assets to achieve its mandate. The corporation also has a team of investment professionals that designs investment strategies aligned with its investment objectives and Statement of Investment Policies, Standards and Procedures. This team also manages risks and investment performance.
41. As a global pension investment manager with a long-term view, the corporation integrates environmental, social, and governance factors within its investment decision making.
42. We made no recommendations in this area of examination.
43. Analysis. We found that the corporation had good systems and practices for investments and operations management (Exhibit 8).
Exhibit 8—Investments and operations management—Key findings and assessment
| Systems and practices | Criteria used | Key findings | Assessment against the criteria |
|---|---|---|---|
|
Operational planning |
The corporation defined operational plans that were aligned with its strategic plans and mandate. |
The corporation’s operational plans aligned with the corporate business plan and strategy, and incorporated stakeholders’ requirements. The corporation documented, approved, and communicated investment strategies for each asset class. The strategies aligned with the corporation’s strategic objectives and established risk appetite limits. The corporation had an enterprise information technology strategy, a human resources strategy, and a data governance and management strategy that aligned with its strategic direction. Succession planning was in place for all senior and critical positions. The plans identified top and high-potential individuals, with the objective of developing and retaining them. |
|
|
Operational plan implementation |
Management implemented the operational plans to deliver results in accordance with the expected output of the business units. |
Management implemented and monitored its operational plans. To carry out investment activities, management clearly defined the levels of authority required for each asset class. The investment authority limits were periodically reviewed and updated. The corporation monitored adherence to the investment authority limits and reported breaches. The investment-related business units identified, approved, and engaged external managers and investment partners. The investment-related business units documented arrangements with external managers and investment partners, and monitored and reported on their performance against targets. New investment initiatives were assessed and approved by independent departments before launch, in alignment with the corporation’s risk and return objectives and its investment strategy and expertise. |
|
|
Performance monitoring and reporting |
The corporation monitored and reported on its operational results. |
The corporation periodically monitored and reported on compliance with investment policies and guidelines. The corporation measured, monitored, and reported operational results and investment performance against targets to senior management and the board. The corporation established an independent department that monitored investment compliance and performance monitoring and reporting. The corporation adjusted its business and investment strategies in response to stakeholder needs and internal and external environments, and to fulfill its mandate. |
|
|
Responsible investment |
The organization integrated environmental, social, and governance risks when making decisions and managing its investments. |
The corporation developed a responsible investment strategy that aligned with those of its peers. The corporation established a portfolio-wide climate change approach that integrated climate considerations into investment management. The corporation established processes and frameworks for asset classes, to integrate environmental, social, and governance risks as part of investment due diligence and investment management. The corporation communicated information to stakeholders about its responsible investment strategy and activities through an annual Responsible Investment Report. This report aligned with the responsible investment reports of the corporation’s peers. |
|
|
Legend—Assessment against the criteria
Met the criteria
Met the criteria, with improvement needed
Did not meet the criteria |
|||
Commentary on the United Nations’ Sustainable Development Goals
44. In 2015, Canada and other United Nations member states adopted the 2030 Agenda for Sustainable Development, a vision for partnership, peace, and prosperity for all people and the planet. The 2030 Agenda outlined 17 Sustainable Development Goals that aimed to address current and future social, economic, and environmental challenges. At the national level, the Government of Canada reiterated its commitment to implementing these goals.
45. The federal government recently established formal expectations for the integration of the Sustainable Development Goals by federal departments and agencies. Similar expectations were not established for Crown corporations.
46. As part of its Sustainable Development Strategy, the Office of the Auditor General of Canada has committed to reporting on progress toward these goals as part of its audit work. As a result, we asked the corporation’s senior management about whether the corporation had integrated these goals into its investment operations.
47. Senior management told us that the corporation was aware of the Sustainable Development Goals and was monitoring how its peers were integrating and reporting against them. It had not systematically integrated these goals into its investment operations. However, its investment operations and the activities of its Responsible Investment group, as reported in its 2019 Responsible Investment Report, indirectly addressed 3 of the goals:
- gender equality (Goal 5)
- affordable and clean energy (Goal 7)
- responsible consumption and production (Goal 12)
48. The 2019 Responsible Investment Report did not explicitly link the corporation’s activities to the Sustainable Development Goals. Because its investment operations and the activities of the Responsible Investment group contributed to aspects of the Sustainable Development Goals, there is an opportunity for the corporation to enhance its reporting on the sustainability impact of its investment activities. It could also consider reporting on its contributions to support the government’s commitment to the Sustainable Development Goals.
49. In our view, the Sustainable Development Goals offer a framework for organizations, including Crown corporations, to identify and contribute to social, economic, and environmental impacts through their activities and to report on results. We encourage Crown corporations, including the Public Sector Pension Investment Board, to consider and integrate these goals as a means of embedding sustainability considerations into their operations, while supporting the government in this important initiative.
Conclusion
50. In our opinion, on the basis of the criteria established, there was reasonable assurance that there were no significant deficiencies in the corporation’s systems and practices we examined. We concluded that the Public Sector Pension Investment Board maintained its systems and practices during the period covered by the audit in a manner that provided the reasonable assurance required under section 138 of the Financial Administration Act.
Subsequent Event
51. The corporate governance section of this report discusses the board appointments for the Public Sector Pension Investment Board. At the end of our examination, 4 of the 11 board members’ terms had expired. As of 1 February 2021, 3 positions were filled and 1 position was vacant.
About the Audit
This independent assurance report was prepared by the Office of the Auditor General of Canada (the Office) and Deloitte Limited Liability PartnershipLLPFootnote 1 on the Public Sector Pension Investment Board. Our responsibility was to express
- an opinion on whether there was reasonable assurance that during the period covered by the audit, there were no significant deficiencies in the corporation’s systems and practices we selected for examination
- a conclusion about whether the corporation complied in all significant respects with the applicable criteria
Under section 131 of the Financial Administration Act, the corporation is required to maintain financial and management control and information systems and management practices that provide reasonable assurance of the following:
- Its assets are safeguarded and controlled.
- Its financial, human, and physical resources are managed economically and efficiently.
- Its operations are carried out effectively.
In addition, section 138 of the act requires the corporation to have a special examination of these systems and practices carried out at least once every 10 years.
All work in this audit was performed to a reasonable level of assurance in accordance with the Canadian Standard on Assurance Engagements (CSAE) 3001—Direct Engagements, set out by the Chartered Professional Accountants of Canada (CPA Canada) in the CPA Canada Handbook—Assurance.
The Office and Deloitte LLP apply the Canadian Standard on Quality Control 1 and, accordingly, maintain comprehensive systems of quality control, including documented policies and procedures regarding compliance with ethical requirements, professional standards, and applicable legal and regulatory requirements.
In conducting the audit work, we complied with the independence and other ethical requirements of the relevant rules of professional conduct applicable to the practice of public accounting in Canada, which are founded on fundamental principles of integrity, objectivity, professional competence and due care, confidentiality, and professional behaviour.
In accordance with our regular audit process, we obtained the following from the corporation:
- confirmation of management’s responsibility for the subject under audit
- acknowledgement of the suitability of the criteria used in the audit
- confirmation that all known information that has been requested, or that could affect the findings or audit conclusion, has been provided
- confirmation that the audit report is factually accurate
Audit objective
The objective of this audit was to determine whether the systems and practices we selected for examination at the Public Sector Pension Investment Board were providing the corporation with reasonable assurance that its assets were safeguarded and controlled, its resources were managed economically and efficiently, and its operations were carried out effectively, as required by section 138 of the Financial Administration Act.
Scope and approach
Our audit work examined the Public Sector Pension Investment Board. The scope of the special examination was based on our assessment of the risks the corporation faced that could affect its ability to meet the requirements set out by the Financial Administration Act.
The systems and practices selected for examination for each area of the audit are found in the exhibits throughout the report.
As part of our examination, we interviewed members of the Board of Directors, senior management, and employees of the corporation to gain insight into its systems and practices. We reviewed documents related to the systems and practices selected for examination. We tested the systems and practices to obtain the required level of audit assurance. Our testing sometimes included detailed sampling. For example, we selected samples based on auditors’ judgment in corporate governance, strategic planning, corporate risk management, and investments and operations management.
In carrying out the special examination, we relied on the internal audits of wholly owned operating subsidiaries’ governance, business continuity management, global private investment acquisition and disposal processes, and natural resources and real estate acquisition and disposal processes.
We did not examine the systems and practices of the Public Sector Pension Investment Board’s subsidiaries, including those that are wholly owned. We did examine the systems and practices that the Public Sector Pension Investment Board had in place to exercise oversight over its subsidiaries.
Sources of criteria
The criteria used to assess the systems and practices selected for examination are found in the exhibits throughout the report.
Corporate governance
Meeting the Expectations of Canadians: Review of the Governance Framework for Canada’s Crown Corporations, Treasury Board of Canada Secretariat, 2005
Internal Control—Integrated Framework, Committee of Sponsoring Organizations of the Treadway Commission, 2013
Enterprise Risk ManagementERM—Integrating with Strategy and Performance, Committee of Sponsoring Organizations of the Treadway Commission, 2017
Corporate Governance in Crown Corporations and Other Public Enterprises—Guidelines, Department of Finance and Treasury Board, 1996
20 Questions Directors Should Ask about Risk, Canadian Institute of Chartered Accountants, 2006
Performance Management Program for Chief Executive Officers of Crown Corporations—Guidelines, Privy Council Office, 2016
Practice Guide: Assessing Organizational Governance in the Public Sector, The Institute of Internal Auditors, 2014
Strategic planning
Meeting the Expectations of Canadians: Review of the Governance Framework for Canada’s Crown Corporations, Treasury Board of Canada Secretariat, 2005
Guidelines for the Preparation of Corporate Plans, Treasury Board of Canada Secretariat, 1996
Corporate Governance in Crown Corporations and Other Public Enterprises—Guidelines, Treasury Board of Canada Secretariat, 1996
Recommended Practice Guideline 3, Reporting Service Performance Information, International Public Sector Accounting Standards Board, 2015
20 Questions Directors Should Ask about Risk, Canadian Institute of Chartered Accountants, 2006
ERM—Integrating with Strategy and Performance, Committee of Sponsoring Organizations of the Treadway Commission, 2017
Corporate risk management
20 Questions Directors Should Ask about Risk, Canadian Institute of Chartered Accountants, 2006
Internal Control—Integrated Framework, Committee of Sponsoring Organizations of the Treadway Commission, 2013
ERM—Integrating with Strategy and Performance, Committee of Sponsoring Organizations of the Treadway Commission, 2017
Corporate Governance in Crown Corporations and Other Public Enterprises—Guidelines, Treasury Board of Canada Secretariat, 1996
Control Objectives for Information and related TechnologyCOBIT 4.1 Framework—DS5 (Ensure Systems Security) and ME3 (Ensure Compliance with External Requirements), information technologyIT Governance Institute and Information Systems Audit and Control AssociatioISACA
COBIT 5 Framework, ISACA
Global Technology Audit Guide: Assessing Cybersecurity Risk—Roles of the Three Lines of Defense, Institute of Internal Auditors, 2016
Cyber Security Self-Assessment Guidance, Office of the Superintendent of Financial Institutions, 2013
Investments and operations management
20 Questions Directors Should Ask about Risk, Canadian Institute of Chartered Accountants, 2006
Guidelines for the Preparation of Corporate Plans, Treasury Board of Canada Secretariat, 1996
Pension Plan Prudent Investment Practices Guideline and Self-Assessment Questionnaire, Canadian Association of Pension Supervisory AuthoritiesCAPSA, 2011
The Global Investment Performance Standards, Chartered Financial AnalystCFA Institute, 2020
Investment Industry Standards, CFA Institute
ERM—Integrating with Strategy and Performance, Committee of Sponsoring Organizations of the Treadway Commission, 2017
A Guide to the Project Management Body of Knowledge (PMBOK® Guide), fourth edition, Project Management Institute incorporatedInc., 2008
COBIT 5 Framework—APO05 (Manage Portfolio), BAI01 (Manage Programmes and Projects), ISACA
COBIT 5 Framework—EDM02 (Ensure Benefits Delivery), ISACA
Plan-Do-Check-Act management model adapted from the Deming Cycle
Internal Control—Integrated Framework, Committee of Sponsoring Organizations of the Treadway Commission, 2013
Risk Principles for Asset Managers, The Global Association of Risk ProfessionalsGARP Buy Side Risk Managers Forum, 2015
Liquidity Risk Principles for Asset Managers, The GARP Buy Side Risk Managers Forum, 2017
Funding Policy for the Public Sector Pension Plans, Treasury Board of Canada Secretariat, 2018
Public Sector Pension Investment Board Act
Principles of Responsible Investment, United Nations, 2006
Transforming Our World: The 2030 Agenda for Sustainable Development, United Nations, 2015
Final Report: Recommendations of the Task Force on Climate-related Financial Disclosures, Financial Stability Board, 2017
Final Report of the Expert Panel on Sustainable Finance, Environment and Climate Change Canada, 2019
Period covered by the audit
The special examination covered the period from 1 September 2019 to 23 October 2020. This is the period to which the audit conclusion applies. However, to gain a more complete understanding of the significant systems and practices, we also examined certain matters that preceded the start date of this period. We also noted a subsequent event on 18 December 2020.
Date of the report
We obtained sufficient and appropriate audit evidence on which to base our conclusion on 1 February 2021, in Montréal, Canada.
Audit team
Office of the Auditor General of Canada:
Principal: Mélanie Cabana
Director: Josée Maltais
Anastasiya Abmiotka
Sophie Bernard
John Ebsary
Josée Surprenant
Alexandre Tremblay
Deloitte LLP:
Partners: Chantal Leclerc and Victoria Loutsiv
Managers: Ali Shah and Usha Sthankiya
May Lim
Nicolas Panaritis
List of Recommendations
The following table lists the recommendations and responses found in this report. The paragraph number preceding the recommendation indicates the location of the recommendation in the report, and the numbers in parentheses indicate the location of the related discussion.
Corporate management practices
| Recommendation | Response |
|---|---|
|
26. The corporation should ensure that its strategic objectives are supported by performance indicators with targets that are specific and measurable. It should also regularly and consistently monitor and report on its performance against these indicators. (24 to 25) |
The corporation’s response. Agreed. In support of its next 5‑year strategic plan, the corporation is developing performance indicators to monitor the achievement of its strategic objectives. In the course of the 2021–22 fiscal year, the corporation will set targets for the indicators and will regularly monitor and report on progress against these indicators. The corporation will complete these by the end of 2021–22. |
|
32. The corporation should set risk appetite metrics and thresholds or limits for significant non-investment risks. (28 to 31) |
The corporation’s response. Agreed. The corporation is establishing tolerances or thresholds for non-investment risks, as an initiative to provide additional assurance on its management and monitoring of key non-investment risks for management and the board, as appropriate. The corporation will identify the appropriate tolerances or thresholds for the significant non-investment risks, recognizing that these may in some cases be best expressed qualitatively. The corporation will complete these matters by the end of the 2021–22 fiscal year. |
|
33. The corporation should complete compliance risk assessments, using a risk-based approach, to evaluate its adherence to the regulations relevant to its operations. (28 to 31) |
The corporation’s response. Agreed. The corporation intends to continue to complete compliance risk assessments of its business units in accordance with its internal schedule and before the end of the 2021–22 fiscal year. |
|
34. The corporation should develop and apply, enterprise-wide, a model risk management framework comprising model governance, a model risk assessment methodology, a model validation methodology, and model risk management activities. The corporation could leverage and expand its current model validation procedure to develop this framework. (28 to 31) |
The corporation’s response. Agreed. During the 2020–21 fiscal year, the corporation reviewed and enhanced its model governance framework with an emphasis on the framework ownership, roles and responsibilities, and scope of the framework—including model definition, model inventory and materiality assessment linked to the review cycle, model documentation, and validation requirements. In 2021–22, the corporation will determine priority areas to expand the application of the framework, based on materiality. |
|
37. The corporation should continue to enhance its reporting to the board on implementation of mitigation measures, to identify clear timelines and deliverables, and provide a periodic update on progress and completion as part of its risk and control self-assessment process. (35 to 36) |
The corporation’s response. Agreed. The corporation prioritizes the continued enhancement of its reporting to the board, to ensure that the information is effective, streamlined, and appropriate. The corporation will consider augmenting its periodic board updates with regard to progress and completion of key mitigation measures, where relevant. The corporation will complete these matters by the end of the 2021–22 fiscal year. |