THE STANDING COMMITTEE ON AUDIT AND OVERSIGHT
EVIDENCE
OTTAWA, Wednesday, October 29, 2025
The Standing Committee on Audit and Oversight met with videoconference this day at 1:30 p.m. [ET], to supervise and report on the Senate’s internal and external audits and related matters and, in camera, for consideration of a draft report.
Senator Marty Klyne (Chair) in the chair.
[English]
The Chair: Honourable senators, Ms. Fortin and Mr. Plamondon, I declare this meeting in order. I am Marty Klyne, a senator from Saskatchewan and Chair of the Standing Committee on Audit and Oversight.
Before we begin, I will ask all senators and other in-person participants to consult the cards on the table for guidelines to prevent audio feedback incidents.
Please make sure to keep your earpiece away from all microphones at all times. Do not touch the microphone. It will be turned on and off by the console operator. Please avoid handling your earpiece while your microphone is on. You may either keep it on your ear or place it on the designated sticker in front of you on your desk. Thank you all for cooperation in this regard.
Participating in today’s meeting are Senator Tony Loffreda, deputy chair from Quebec; Senator Colin Deacon, deputy chair from Nova Scotia; Ms. Hélène Fortin, external member from Quebec; and Mr. Robert Plamondon, external member from Ontario.
For everyone’s awareness, staff from committee members’ offices may also be participating in this hybrid meeting.
We will begin with our first agenda item, which is referencing the external audit. Today, we will be meeting with the external auditor on the financial statement audit results for the fiscal year ending March 31, 2025.
From Ernst & Young, we welcome Suzanne Gignac, Partner, Assurance Services; and Sonia Leblanc, Partner, Assurance Services. Thank you both for being here today.
From the Senate Administration, we welcome Pascale Legault, the Chief Corporate Services Officer; from the Senate Finance and Procurement Directorate, Isabelle Ricard, Chief Financial Officer; and Nathalie Charpentier, Comptroller and Deputy Chief Financial Officer. I was expecting someone in attendance here as an observer, but that might happen later.
The oversight of external audit work is a core responsibility of our committee. At our October 8 meeting, the committee had an opportunity to discuss the audit results from Ernst & Young, which summarizes Ernst & Young’s audit work and conclusions on the financial statements.
Since our previous meeting, the committee has also received the Senate financial statements for the year ended March 31, 2025, and management’s annual financial highlights, which is an internal report received for information.
Before I turn the floor over to Ernst & Young, I want to emphasize that Ms. Gignac and Ms. Leblanc will only be talking about the 2025 audit results and the financial statements today. I now invite Ms. Leblanc and Ms. Gignac to make their opening remarks. The floor is yours.
Sonia Leblanc, Partner, Assurance Services, Ernst & Young LLP: Thank you very much. I’m happy to be here in front of the committee again. We had made a preliminary presentation a couple of weeks ago. We understand and trust that AOVS has received the financial statements.
Since our last presentation, we issued our audit opinion on the Senate’s financial statements as of March 31, 2025. It is a clean opinion, as anticipated, so no modifications. We have completed all of our audit procedures up to the date of the CIBA meeting from last week. There are really no additional observations or issues that arose from the procedures we had to extend up to that date.
In summary, our audit was completed in accordance with our communicated audit strategy and plan, and no significant corrected or uncorrected misstatements were identified.
We also did not identify any significant deficiencies and controls to bring to your attention, and as a result, we do not intend to issue a management letter for this year.
Our areas of audit emphasis are also in line with those presented in our plan. Maybe just for recollection, we did perform substantive procedures over services received without charge, accounts payable, accrued liabilities, vacation pay and compensatory leave, salaries and benefits, as well as administrative expenses and other operating expenses. There are no significant risks identified in our audit other than the presumed risk of management override, which we addressed via journal entry testing, as well as other data analytics on the general ledger of the Senate.
I will pause here and open the floor to questions.
The Chair: Thank you for that presentation. Before we open the floor to questions, as I mentioned earlier, the auditors are here to talk about the 2025 audit results and the financial statements. I would like to remind committee members that we are in public. We all have the opportunity to meet with the auditors in camera without any staff present after the first portion of the meeting.
Senator Loffreda: Thank you, Suzanne and Sonia, for being here, as well as Isabelle, Nathalie and Pascale. I’m sure Pascale misses us.
You did say there are no significant risks. I am always concerned because I see more and more, across many enterprises across government, the increase of cybersecurity and financial systems integrity risk. How did you consider that in your audit work? Just elaborate on that. I want to be reassured it’s not a significant risk going forward.
Ms. Leblanc: In terms of the risks for any technology of information used in the preparation of the financial statements, we are required to perform some procedures to gain an understanding of, first, what technologies are used and what could be the potential impact or involvement of technology in the preparation of the financial information. During that process, we look at the controls in place, for instance, around access controls and change management controls. If I oversimplify it, we look at, for instance, what systems are being leveraged as part of the financial processes, and what access and change management controls are in place for all of those systems. As a result, we inform our risk assessment. No significant deficiency or risks were identified during that phase.
It’s important to note that we do not test the operating effectiveness of those controls. We ensure that we gain an understanding of them. We confirm that they are a design and that the design is appropriate.
In terms of the second part of your question around cyber risk, we gain an understanding, again, on the risks, and we focus on the financial reporting systems and financial information, not all data broadly handled by the Senate. Our procedures are focused around those systems. Again, there was no significant risk identified for cyber, and we were also not aware of any cyber incident or breaches that were brought to our attention.
Senator Loffreda: We are in a dynamic world, things are changing every day, and the way fraud or cyber fraud is executed changes. Have you seen any change in the internal controls during the last audit or over the last year? Should there be any change of some of the internal controls given the reality of the risks we are talking about and how dynamic they are?
Ms. Leblanc: No changes to the relevant controls that we look at as part of our audit for financial reporting. It is a valid point. Risks are continuously evolving. From our perspective, the control framework for the financial reporting process of the Senate is pretty strong. We do believe it continues to be appropriate to detect and identify material misstatements.
Robert Plamondon, External Committee Member: Thanks for the report and for the credibility you add to the financial statements of the Senate of Canada by expressing an opinion on those statements. It is a clean opinion. We would expect a clean opinion in almost all circumstances.
It would be very unusual not to have a clean audit opinion, but it’s good to have a third party, independent opinion on our financial statements that ensures we’re following generally accepted accounting principles, and you follow generally accepted auditing standards.
The financial statements as presented are relatively high level. There’s not a lot of detail in the financial statements, as you would expect. You’re reporting within balance of materiality.
The benefit of the material we have in front of us, or the real value, is the financial highlights report where management has provided, at a fairly detailed level, explanations about the changes in numbers year over year.
They look at the comparisons to budget, the reasons why we’re over and under budget, the reasons why we are over and above prior year. That gives us meaningful insight into the operations of the Senate. I don’t think you can look at one without the other and draw a conclusion. I think you need both in order to get a complete understanding or, for most people, the level of understanding they need for the way the Senate’s finances are done. I wanted to salute management for the financial highlights report, which I think is critical. I wish to draw attention to it.
I have a couple of questions on that. This will seem simple, but I have a formatting question on the financial statements themselves. If I look to the statement of operations — which, in the package, is on page 7 but it’s on page 2 — it’s nice to see at the bottom line we have a net surplus for the year. In other words, our funding was greater than our cost of operations.
Normally, when you see a bottom line consistent with the description, that surplus, you don’t have the brackets around it. Normally, the brackets are contrary to what you would expect. If it was a loss, you would see brackets around it. This is a surplus, which is what the line describes.
Is there a reason there are brackets there as opposed to no brackets? It triggered me as if something seems wrong here, but it’s not.
The Chair: Thank you, Mr. Plamondon.
Did you have a response or comment?
Ms. Leblanc: It’s probably for consistency, I think, for year over year. If there was a year where it was a deficit but showed as a positive.
Mr. Plamondon: There is no deficit in either year here.
Pascale Legault, Chief Corporate Services Officer, Senate of Canada: The other financial statements we’re looking at are normally starting with sales, then expenses, then you get the net, which is normally a profit you’re expecting.
Here we’re looking at expenses. Then we have the funds provided for. If you’re doing $163 million minus $165 million, you’re getting a negative of $2 million. That’s why it’s in brackets, because it’s considered a negative.
I agree with you. This is more a style and preference. I’m sure our auditors would not change their opinion if we decided to remove the brackets.
Mr. Plamondon: No.
Ms. Legault: We would do it for both years. I agree it needs to be consistent. That was the preference of the past. We can definitely adjust if this is the preference going forward.
Mr. Plamondon: As a follow up to that, normally in a not-for-profit — let’s say a hospital — you would have surplus, brackets, deficit for the year. One would trigger the other. From a formatting perspective, it struck me as odd.
The more substantive question I had is that there is a significant change described in note 5 to the financial statements, which is related to the transfer of assets to the Senate from related parties. This has resulted in a significant change in, for example, our informatics which, on a net book-value basis, has doubled over the course of the year. It has resulted in a rather large change in our net financial position. We’ve got a much stronger net financial position because of the assets that are being transferred in.
In note 5, it says the Senate will be transferred tangible capital assets from a related party over the coming years and, in some cases, the use of these assets by the Senate has already begun. I imagine this is more a question for Ms. Legault. What is the nature of those transfers? What has led to this change?
Ms. Legault: Public Services and Procurement Canada, or PSPC, is the organization that prepares assets for the Senate. When we moved into the Senate of Canada Building, they purchased a number of assets. Once it becomes our responsibility, it is transferred to the Senate. That is the general explanation. It usually comes from them when we receive a transfer of assets, but that’s in general.
I don’t know if there is anything specific we want to say about the current year in the different categories of transfer of assets we’ve received.
Mr. Plamondon: I’m looking, for example, at informatics. Our net book value doubled over the course of the year. This is all a transfer, or was there a significant purchase? That’s the category where the change is material.
If you look at page 18 of the material, page 13 of the financial statements, net book value, informatics hardware went from $3.4 million to over $6 million. It also came up when I looked at the cash flow statement.
You have the acquisition of tangible capital assets, again at a rather large level.
Ms. Legault: Here we’re talking about acquisition, not necessarily transfer of assets, right?
Mr. Plamondon: They’re impacted by both.
Ms. Legault: The transfers are fairly small in this category, if we look at what has been transferred for informatics, we’re talking about close to $50,000. Are we looking at the same number? I want to make sure.
Mr. Plamondon: I’m looking at note 5.
Ms. Legault: Yes.
Mr. Plamondon: Page 18, page 13 of the financial statements. If you look at the net book value at the bottom of the page.
Ms. Legault: Yes.
Mr. Plamondon: Informatics hardware.
Ms. Legault: That’s right. That’s driven mainly by acquisition, not transfer of assets.
Mr. Plamondon: That’s a significant increase in that category. What was the nature of the acquisitions?
Ms. Legault: For the detail of the acquisition, I am going to ask our CFO. I don’t know if we have the information here.
Isabelle Ricard, Chief Financial Officer, Finance and Procurement Directorate, Senate of Canada: Yes, we do, if you give me a moment.
So $3.8 million was for informatics hardware and software; $3.1 million was for informatics hardware. It is for the Senate life cycle MOU we have for the network upgrades we did. There is $2.5 million for the multimedia life cycle project, and $0.5 million is a pooling of assets that we have when we buy assets less are less than $8,000, but we group them together. It becomes a pool of assets. It is mostly in informatics hardware.
Mr. Plamondon: The major increase is the $2.5 million for the media centre?
Ms. Ricard: Yes, multimedia life cycle project.
Mr. Plamondon: I wasn’t familiar with it. Thank you.
The Chair: Thank you. I have a question from Ms. Fortin. I’ll read her question, and it is within the realm of audit results.
Are there ways the audit process could be more efficient in the future? Why are the statements issued more than six months after the end of the year?
Ms. Leblanc: I can respond from the perspective of the audit. The audit was completed by the end of July. So I think with the current reporting and governance structures, we don’t see any immediate way to expedite the process. From our perspective, the audit was done quite shortly after year-end.
The Chair: For clarity’s sake, you referenced something about the way it was flowing from one to another and I didn’t catch your terminology.
Ms. Leblanc: In terms of the reporting to governance, so as part of the audit, although the work can all be completed, the financial statements need to be approved before we can issue and release our audit opinion. We understand there is a lot of complexity and a lot of subcommittees involved in the process for an organization like the Senate. So in response to that, I think it adds from when the audit work is completed to when they’re actually finalized, issued and available to the public.
The Chair: We’ll take that. Are there any other questions or comments?
Senator C. Deacon: I have three small ones. I’ll quickly build off of that. When you acquire a new audit client, do you ever give them a list of best practices in terms of what they can do to make sure that everything goes as smoothly as possible and you get to issue the audited financial statements as quickly as possible? Is there something you would provide to new audit clients in that regard? It’s a partnership between the two organizations and both sides have to do their best to get this done. I would think your ability to do your job is dependent on their ability to do their job. Just quickly, if you have anything that you can share along those lines, a prepared document or anything that would be included in a proposal, for example, to a new client.
Ms. Leblanc: I think we usually try to have a very customized approach to every single audit because we recognize that every single entity is different, especially in the public sector. So it is true that when we gain a new client, we mainly have a collaborative approach to understand the process that they’re following and to try to find and agree on a reasonable audit timeline and process. It’s done collaboratively, also recognizing that each client has different resources in terms of their finance team and also has different reporting requirements. Financial statements are one reporting requirement, but we also recognize that all our clients have different reporting requirements.
To answer your question, there is not really an all-encompassing document with best practices. There are publications that we have with best practices, but in terms of a customized one, every client is so unique in terms of the reporting and the resources they have so we wouldn’t have a one-size-fits-all answer.
Ms. Legault: I wanted to add and build on both questions relating to the timing of the financial statements. I just need to reiterate that working with EY for the audit, on their side, I think they are efficient in terms of the continuity of the team and being clear in terms of what documents are required and doing the work as required and as discussed and agreed to.
The financial statements are produced when they are produced and approved due to two major reasons. One of them is a conscious decision to have the work done in the summer and not prioritize this right away in April and May. We have a fairly small finance team dedicated to financial reporting, and what they do at year-end is basically finish the year-end and work on the public accounts and other reports that they have to do. Then as we get to the summer and that workload is reduced, then they can focus on the financial statements.
That is a conscious decision to decide to have the work done in the summer. The financial statements could be ready at the end of the summer for senators to consider, but basically since the Senate is not sitting, it’s not considered necessarily good value for money to bring all senators to consider the financial statements, so they consider the financial statements when they come back.
This year, the year of election, getting the committees organized and the subcommittees organized took a little bit of time. They prioritized their file as soon as they could. SEBS met, looked at the financial statements, then it went to CIBA, and now it’s coming to AOVS.
So it followed the process that is intended to be followed. I don’t think any of this delay is related to E&Y. It is basically the process that was approved.
Senator C. Deacon: We understand that it is not an E&Y delay; it’s a Senate delay. So it’s three to four months to get to the point of having the audited financial statements and then three to four months to approve the financial statements. I think there is a lot of room for us to improve at our end.
Senator Loffreda: It’s clear, I mean, E&Y does it within four months, which is quick enough. It’s the Internal Economy Committee that has to approve it. If there was a recommendation to be made, it’s CIBA that must approve the statements. It’s as clear as that. That was my question there.
But I have another question on the financial statements — the materiality level. Because you do 100% substantive testing, right. You don’t rely on compliance testing. Two things: I would like to know the materiality. And the fact that it’s 100% substantive testing, how deep do you dive into the internal controls? Given that you do no compliance testing, to what extent do you rely on the internal controls, given the fact that there is no compliance? I remember in my audit days, it was your compliance that determined your substantive, but that’s way in the past and I’m sure today things have changed. I would like you to elaborate on that if you can.
Ms. Leblanc: Thank you for the question. The materiality is 2.5% of total expenditures. So it’s well within the benchmark that we use for expenses —
Senator Loffreda: We have that but what dollar amount?
Ms. Leblanc: It’s $3.2 million.
Senator Loffreda: That doesn’t mean you don’t test anything below $3.2 million.
Ms. Leblanc: Correct.
Senator Loffreda: It means that if you find an error, it is $3.2 million that’s your materiality.
Ms. Leblanc: That’s correct.
Senator Loffreda: But you do test the smaller amounts?
Ms. Leblanc: Yes. We do use fraction of this materiality to determine our testing thresholds at the actual account level. It doesn’t mean that we don’t pick items, like samples, for instance, like an invoice or a transaction for testing if it’s below this number. That’s just the overall number that we use to make our final conclusion on the financial statements. When we do our test of detail —
Senator Loffreda: Accumulation of errors.
Ms. Leblanc: Accumulation of errors, yes.
Senator Loffreda: You can find $1 million in errors, but it is still not material?
Ms. Leblanc: Correct. But we do have a threshold where we would report uncorrected errors that are above our reporting thresholds that is much lower as well. That’s 5% of materiality, where we would report errors in the results report as well as to management and would present them to the committee if they are uncorrected.
Again, just to reiterate on the point, when we select our samples or the transactions that we will actually be testing, we look at some what we call key items that are mainly based on a quantitative threshold, but that’s one aspect. And then we pick random samples throughout the population. So regardless of the size of the transaction, there is a large portion of our samples that will be comprised of smaller transactions. Again, that’s just to address the statistical risk of errors.
So we do look at amounts that are way below this amount. This is just used to form our final conclusion.
In terms of your other questions on how deep we dive into the controls, again, you are right. Our audit strategy is fully substantive. It has been determined to be the most efficient audit approach based on the nature of the operations of the Senate as well as the volume of them. We do gain an understanding of the controls. We do walk them through for every significant process.
What does that mean? That means we will pick a sample transaction for, let’s say, a contract or an expense, and we will understand how the contract was entered into or how the goods were requested or services requested, how were they approved, and what kind of path that transaction follows and the controls along the way where we gain an understanding of them. That’s the extent to which we look into controls.
It is a little bit to the same extent for the use of IT in the audit, where we gain an understanding of the controls that are in place but don’t necessarily then test the operative effectiveness of those throughout the year.
Senator Loffreda: Thank you.
The Chair: And your question is with regard to the 2025 audit results?
Senator C. Deacon: Just to build on something, and Senator Loffreda asked a number of questions that I was very keen on. I just have one last question about the run informatics software. I don’t have any software in my life that I am aware of that I buy. It is all SaaS, rented as a service, software as a service. I see that we are buying software. I’m intrigued about that. It wouldn’t be a very large amount of what we use, I would think, but as an organization?
Maybe, Pascale, you are the —
Ms. Legault: I will turn it over to the team to provide some detail if we have it, and if we don’t, we will provide the detailed breakdown.
Senator C. Deacon: I was surprised to see the amortization period, because as a rule, we just rent software now, because it is always changing and always needs an update for cybersecurity reasons. Having it on our own is —
Amipal Manchanda, Chief Audit Executive, Office of the Chief Audit Executive, Senate of Canada: I am just wondering if it is software licenses.
Ms. Legault: It could be that.
But if I may, Mr. Chair, when we discuss the hardware, the informatics hardware, the largest investment, it was more in the committee room. That is really because we need to upgrade. The equipment has a useful life, and we need to basically invest and keep up with the House of Commons to ensure that our equipment remains up to date.
Senator C. Deacon: I’m thinking information related, so this is media related? Okay.
Ms. Legault: Yes, we definitely have that. If you want a breakdown of exactly —
Senator C. Deacon: No, that explains it. I’m sorry. My head was totally in information-related versus media-related software.
Thank you.
The Chair: We have come to the conclusion of comments and questions, and I just want to thank you again for your presentation and also for answering our questions.
We’re going to move in camera.
(The committee continued in camera.)