Skip Navigation

A Look Inside OSFI’s New Corporate Governance Guideline

September 26, 2018

­­­On September 18, 2018, the Office of the Superintendent of Financial Institutions (OSFI) released the final version of its revised Corporate Governance Guideline (Revised CG Guideline), following consultations in late 2017. The Revised CG Guideline follows Superintendent Jeremy Rudi­n’s announcement in June 2016 that OSFI intended to streamline and simplify the governance guidance for federally regulated financial institutions. The Revised CG Guideline provides a clearer delineation of board and senior management responsibilities, removes some of the more prescriptive elements of the previous CG Guideline, and consolidates expectations relating to board responsibilities that are currently set out in OSFI’s capital and risk-management guidelines into the Revised CG Guideline.

The Revised CG Guideline took effect on publication.

OSFI notes that its expectations for oversight of Canadian branches of foreign banks and insurers have not changed and that OSFI plans to review and amend Guidelines E-4A Role of the Chief Agent & Record Keeping Requirements and E-4B Role of the Principal Officer and Record Keeping Requirements in the near future.


The Revised CG Guideline makes a clearer distinction between the board’s primary and advisory responsibilities. OSFI expects that the primary responsibilities, noted below, should be the main focus of the board’s attention and activities, while the extent and nature of the board’s advisory input is left to the discretion of the board.

Specifically, the board’s primary responsibilities are to approve and oversee the following:

  • Strategy: A financial institution’s short-term and long-term business plan and strategy, as well as significant strategic initiatives
  • Risk Management: A financial institution’s risk appetite framework, internal control framework, code of conduct and significant policies or strategic initiatives relating to capital and liquidity management (such as internal capital targets or share issuance)
  • Key Appointments: Appointment, performance review, compensation and succession plans for the financial institution’s chief executive officer (CEO), other key members of senior management and heads of the oversight functions, succession plan for the board, and the mandate, resources and budgets for the oversight functions
  • Audit Plans: External and internal audit plans.

In addition to the above primary responsibilities, OSFI expects the board to challenge, advise and guide senior management in respect of the following duties, which, OSFI recognizes, are the responsibility of senior management:

  • Operational and Business Policies: A financial institution’s significant operational, business, risk management and human resources compensation policies
  • Business Performance and Effectiveness of Risk Management: How the financial institution performs relative to the board-approved business plan and strategy and how effective the financial institution’s oversight functions, risk appetite framework, internal control framework and capital and liquidity management plans are.

The Revised CG Guideline reiterates that the board should satisfy itself that senior management decisions and actions are consistent with the board-approved business plan, strategy and risk appetite and that the internal controls are sound. It also now expressly recognizes that the board is not responsible for the ongoing and detailed operationalization of its decisions. This is the responsibility of senior management. The Revised CG Guideline notes that the board has discretion to determine the extent and nature of its input in these and other matters that fall within senior management’s responsibilities. This approach reflects Superintendent Rudin’s 2016 remarks that OSFI has “chosen not to attempt to draw a bright line that separates where the board’s responsibilities end and where senior management’s responsibilities begin.” As the Superintendent noted, “deciding where to put the dividing line, and moving it when necessary, is one of the most important responsibilities of the board” and “can appropriately vary depending on the nature of the institution, and its specific circumstances.”

The Revised CG Guideline does not otherwise materially change the scope of senior management responsibilities. As under the previous CG Guideline, senior management comprises the financial institution’s CEO and individuals who are directly accountable to the CEO and may include the executives of the oversight functions. Senior management is responsible for implementing the Board’s decisions and directing the financial institution’s operations within the board-delegated authority in compliance with applicable laws.


OSFI has also trimmed away from the previous CG Guideline some of the more prescriptive requirements for the board and board committees and has generally made the Revised CG Guideline more focused and succinct (it is approximately 25 per cent shorter than the prior version). Specifically, the changes remove the non-exhaustive catalogue of issues that the audit committee must discuss with senior management and the external auditor and the audit committee’s considerations when selecting an external auditor. In addition, the discussion around board interaction with oversight functions and the principles of board effectiveness have been shortened. These revisions, OSFI has noted, are to focus the Revised CG Guideline more on what the board should achieve rather than how the board meets those objectives.

Here is a comparison between the original CG Guideline and the Revised CG Guideline.


The Revised CG Guideline is intended to serve as a one-stop shop for OSFI’s expectations for board responsibilities. To this end, discussion of board responsibilities that are included in OSFI’s risk management and capital guidelines have been removed from those guidelines and are now consolidated into the principles outlined in the Revised CG Guideline (or recast as duties of senior management). OSFI has also revised its Assessment Criteria and has incorporated into the Revised CG Guideline the key requirements of the rescinded OSFI Advisory – Changes to the Membership of the Board and Senior Management.


Other changes to the Revised CG Guideline include the following:

  • Risk Culture: There is an express reference to risk culture, consistent with OSFI’s past pronouncements on this topic. The board and senior management are expected to promote a risk culture that stresses integrity and effective risk management throughout the financial institution.
  • Board Diversity: The Revised CG Guideline provides that the board should be diverse and, collectively, bring a balance of expertise, skills, experience, competencies and perspectives, taking into account the financial institution’s strategy, risk profile, culture and overall operations.
  • Corporate Groups: The Revised CG Guideline offers more direct guidance on board oversight for financial institutions included in a larger corporate group. Specifically, where a federally regulated financial institution is part of a larger Canadian or foreign corporate group and is subject to its parent’s policies, OSFI expects that the subsidiary institution’s board should be satisfied that these policies are appropriate for the subsidiary’s business plan, strategy and risk appetite, and comply with Canadian regulatory requirements. If, on the other hand, the parent is another federally regulated financial institution, then OSFI expects that the parent institution’s board will oversee the activities of the subsidiary institution to be satisfied that the parent institution’s board meets its enterprise-wide oversight responsibilities.
  • OSFI Assessment of Boards: In assessing the effectiveness of a financial institution’s corporate governance, OSFI will look to gain insight into the discussions and deliberations at the board and board committee level, including those with and without senior management. OSFI’s assessment will focus on understanding the board’s behaviour and the objectivity, degree of challenge and independence in its decision-making process. The Revised CG Guideline also underscores the importance of open communication between the board and OSFI in the context of a principles-based approach to supervision, and OSFI’s expectation that substantive issues affecting a financial institution will be promptly communicated to OSFI.

OSFI has said it will conduct information seminars for directors and corporate secretaries of federally regulated financial institutions in fall 2018.

For further information, please contact:

Paul Belanger                            416-863-4284
Dawn Jetten                              416-863-2956
Vladimir Shatiryan                     416-863-4154
Ora Morison                              416-863-2712

or any other member of our Financial Services Regulatory group.