2019 Transparency Report Deloitte Audit September 2019 Audit & Assurance Contents

Leadership message 03

Deloitte network 05

Our purpose and commitment: audit quality 09

Engagement performance 14

External and internal audit quality monitoring 17

Independence, ethics, and additional disclosures 21

Appendix A | EU/EEA audit firms 28

Appendix B | Financial information 30

Appendix C | Public interest entities 31 2019 Transparency Report | Leadership message

Leadership message1

John Psaila, Chief Executive Officer - Managing Partner Christiane Chadoeuf, Audit & Assurance Business Leader

On behalf of Deloitte Audit, société à responsabilité limitée, an approved audit firm in Luxembourg (cabinet de révision agréé), we are pleased to present the tenth edition of our annual Transparency Report. This report refers to the financial year ended on 31 May 2019 and has been prepared pursuant to Article 13 of the Regulation (EU) N° 537/2014 of the European Parliament and of the Council of 16 April 2014 on specific requirements regarding statutory audit of public-interest entities (the "EU Audit Regulation") and in accordance with the Luxembourg Law of 23 July 2016 concerning the audit profession.

Audit practice is about so much more than numbers—it is about ensuring quality and instilling trust. It helps assure stakeholders that businesses are aspiring to the high standards that contribute to a strong and sound economy. It also explains to clients the positioning they have today, so that they can build on a foundation of strength for the future.

Year after year, we raise the standards of quality to serve the public interest and deliver confidence around the questions that matter most to all our stakeholders. In an increasingly complex world, we understand that the greatest challenge is always the next one. Accordingly, we aim to provide guidance and sound judgments by bringing continual enhancements to how we perform a Deloitte audit. This means constantly transforming our business by defining consistent, smarter ways of working, while remaining true to the core values that makes us who we are.

We are proud and honored to be able to present this report attesting to our commitment to audit quality and our unwavering culture of integrity, professional excellence, and accountability that guides our profession and underpins our organization.

The present Tranparency Report is issued in Luxembourg on 27 September 2019 on behalf of Deloitte Audit as duly represented by:

John Psaila Christiane Chadoeuf Chief Executive Officer - Managing Partner Audit & Assurance Business Leader Deloitte Luxembourg Group Deloitte Audit

1 Throughout this report, the terms “Deloitte, we, us, and our” refer to one or more of Deloitte Touche Tohmatsu Limited, its network of member firms, and their related entities. For more information about the Deloitte network, please see p. 5 or https://www2.deloitte.com/global/en/pages/about-deloitte/articles/about-deloitte.html. 03 04 2019 Transparency Report | Deloitte Network

Deloitte network

Deloitte Audit: legal structure France), is a shareholder in Deloitte DCE Network description and ownership GmbH (“DCE”). The object of DCE is the The Deloitte network Deloitte Audit, société à responsabilité fostering of the collaboration among its The Deloitte network is a globally limitée is a private limited liability shareholders as members of the global connected network of member firms and company under Luxembourg Deloitte network. DCE neither provides their affiliates operating in more than 150 laws, having its registered office at any professional services nor engages in countries and territories across the world. 20, Boulevard de Kockelscheuer, commercial activities. These separate and independent member L-1821 Luxembourg, Grand Duchy firms operate under a common brand. of Luxembourg and registered with DTT holds practice rights to provide the Luxembourg Trade and Register professional services using the “Deloitte” Company under number B 67895. name which it extends to Deloitte Professional Deloitte Audit is connected to the entities within Luxembourg, including standards Deloitte network through DELOITTE Deloitte Audit. Deloitte Audit is approved TOUCHE TOHMATSU, société à to serve as audit firm for companies in responsabilité limitée, abbreviated “DTT”, Luxembourg and abroad. a company having its registered office Deloitte Audit is an approved audit at 20, Boulevard de Kockelscheuer, Shared values L-1821 Luxembourg, Grand Duchy firm(cabinet de révision agréé) under of Luxembourg and registered the supersivion of the Commission with the Luxembourg Trade and de Surveillance du Secteur Financier. Companies Register under number Deloitte Audit is also registered with the B 60927, a member firm of Deloitte PCAOB (the Public Company Accounting Touche Tohmatsu Limited. Deloitte Oversight Board) and with the JFSA (the Audit, société à responsabilité limitée is Japan Financial Services Authority). Methodologies referred to throughout this report as The share capital of Deloitte Audit “Deloitte Audit”, and DELOITTE TOUCHE amounts to €35,000. 51% of the capital TOHMATSU, société à responsabilité and voting rights of Deloitte Audit is held limitée is referred to throughout this by aproved statutory auditors (réviseurs report as “DTT”. d’entreprises agréés) and 49% by DTT. Systems of quality control & risk DTT together with Deloitte GmbH Within Deloitte Audit, Partners are management Wirtschaftsprüfungsgesellschaft natural persons employed by Deloitte (Deloitte Germany), Deloitte Audit Audit with the grade of Partner Wirtschaftsprüfungs GMBH (Deloitte (“Partners”). Equity Partners of Deloitte Austria), Deloitte Central Europe Audit are those Partners who are Holdings Limited (Deloitte Central furthermore shareholders of DTT Europe) and Deloitte SAS (Deloitte (Equity Partners).

05 2019 Transparency Report | Deloitte Network

Deloitte Touche Tohmatsu Limited direct, manage, control or own any interest or the “Firm”) which refers to the group of (DTTL or Deloitte Global) in any member firm or any member firm’s operational subsidiaries of DTT. Deloitte Touche Tohmatsu Limited is a UK affiliated entities. private company limited by guarantee. DTT is exclusively owned by shareholders DTTL serves a coordinating role for its For more information about the Deloitte who are individuals. The Deloitte member firms and their affiliates by network, please see: About Deloitte. Luxembourg Group is managed by a Chief requiring adherence to policies and Executive Officer elected by the Partners protocols with the objective of promoting Deloitte Audit: governance – for a term of four years and by an Executive a consistently high level of quality, leadership in action Committee composed of Equity Partners professional conduct and service across Deloitte Audit is part of the Deloitte representing the main functions existing the Deloitte network. DTTL does not Luxembourg group (hereinafter referred within the Deloitte Luxembourg Group. provide professional services to clients, or to as “the Deloitte Luxembourg Group”

The following are the members of the Deloitte Luxembourg Group Executive Committee:

Deloitte Luxembourg Group – Executive Committee:

John PSAILA Vincent GOUVERNEUR Sophie MITCHELL Chief Executive Officer Managed Services and Operations Leader Managing Partner Transformation Leader Stephan TILQUIN Christiane CHADOEUF Raymond KRAWCZYKOWSKI Talent Leader Audit & Assurance Business Leader Tax Business Leader Joel VANOVERSCHELDE Benjamin COLLETTE Patrick LAURENT Advisory and Consulting Strategy, Clients & Industries Leader Technology & Innovation Leader Business Leader Bernard DAVID Jérôme LECOQ Cross-Border Relations Leader Reputation and Risk Leader

John Psaila Christiane Chadoeuf Benjamin Collette Bernard David Vincent Gouverneur Raymond Krawczykowski Chief Executive Officer Audit & Assurance Strategy, Clients & Cross-Border Managed Services and Tax Business Leader Managing Partner Business Leader Industries Leader Relations Leader Transformation Leader

Patrick Laurent Jerome Lecoq Sopgie Mitchell Stephan Tilquin Joel Vanoverschelde Technology & Reputation and Operations Leader Talent Leader ACG Business Leader Innovation Leader Risk Leader

06 2019 Transparency Report | Deloitte Network

The Deloitte Luxembourg Group provides Deloitte Audit is governed by a Board of overarching objective of audit quality, a range of services including audit, tax, Managers appointed by the shareholders’ including compliance with applicable financial advisory, risk advisory, and meeting and composed of approved professional standards and regulatory consulting services. statutory auditors (réviseurs d’entreprises requirements. agréés) and supported by the Audit The Deloitte Luxembourg Group also Executive Committee that consists of Approved audit firm of Deloitte Audit has an oversight body (the Supervisory Partners representing key streams The approved audit firm auditing Deloitte Board). The Supervisory Board can have necessary for the robust functioning of Audit is BDO Audit, société anonyme, with a maximum of eight members and is the Audit and Assurance practice; Clients its registered office at L-2350 Luxembourg, currently composed of eight members & Industries, Talent, Technology and 1 rue Jean Piret and registered with elected among and by the Equity Partners. Innovation, Risk and Quality. The Board of the Luxembourg Trade and Companies The primary role of the Supervisory Board Managers is responsible for the governance Register under number B-147.570. is to act as the primary policy and oversight and oversight of the Audit & Assurance body of the Firm. The Supervisory Board practice. The Board of Managers prepares also serves as a counterweight to the the annual accounts of Deloitte Audit. executive bodies of the Firm (Executive Committee, Chief Executive Officer) in The following are the members of the matters of long-term business and financial Deloitte Audit Board of Managers who strategy. were appointed by the Shareholders for an undetermined period of time: The Firm has a Chairman who is elected among and by the Equity Partners for Deloitte Audit – Board of Managers: a term not exceeding three years. The Chairman is ex-officio a member of the Christiane CHADOEUF Supervisory Board. The Chairman also Jérôme LECOQ chairs the general meetings of the Equity Partners and attends the meetings of the Christiane CHADOEUF, Audit & Assurance Executive Committee upon invitation of the Business Leader, is appointed by the Chief Executive Officer. Managing Partner of Deloitte Luxembourg Group. The following are the members of the Supervisory Board: The Board of Managers with the support of the Audit Executive Committee Deloitte Luxembourg Group develops and implements the strategy of Supervisory Board: the Deloitte Audit practice, including the Martin FLAUNET related policies and procedures. Chairman Deloitte Audit’s strategy is developed Thierry FLAMAND in alignment with the overall strategic Jean-Philippe FOURY direction established for the Global Joachim HEUKMES Deloitte Network and for the Firm. Basil SOMMERFELD Deloitte Audit Partners participate in Karine THIL Deloitte network groups that set and monitor quality standards, and from Stephane TILKIN which a number of audit quality initiatives Jan VAN DELDEN emanate. They are responsible for the

07 Our At Deloitte Audit, our purpose is to make an impact that matters. For Audit & Assurance, this means a focus on purpose and delivering independent high quality audits and instilling confidence and trust in the capital markets through commitment: our reports. This requires us to continuously build instilling trust capabilities to support the delivery of high quality audits and make leading contributions to shaping the future of and confidence the audit profession.

08 2019 Transparency Report | Our purpose and commitment: audit quality

Our purpose and commitment: audit quality

our offerings so that our clients are always Audit & Assurance Transformation ready to act with confidence as markets evolve. Being a relevant profession of the future and a sustainable practice that evolves with the pace of change in technology and society is critical. Driving this goal is Audit engagement acceptance the Deloitte Audit & Assurance Transformation initiative, which is currently being and continuance developed and deployed across the Deloitte network, including Deloitte Audit. As part of the ongoing transformation efforts, global initiatives are underway Audit & Assurance Transformation is an important shift across the network in the to foster a standard approach to audit way Deloitte professionals work and includes: engagement acceptance across the Deloitte network, resulting in consistent decisions and consideration of risk. The Firm has detailed policies and The Deloitte Way: standardization Real-time audit quality procedures in place for accepting of audit processes supported by monitoring prospective clients and engagements and our global technology suite assessing engagement risk. These policies and procedures are designed to ensure that it only accepts engagements where it:

•• Is able to perform the engagement and has the capabilities, including time and Enhanced talent model which Agile deployment of tools and resources, to do so. includes learning, rewards and technologies to respond to recognition, centers of excellence, •• Can comply with all relevant ethical changing environments and delivery centers requirements and professional standards, including independence and conflicts of interest assessments and considerations. Deloitte Global leadership Assurance Services: Instilling The Global Audit & Assurance Leadership trust and confidence •• Has considered the integrity of the Team is led by Jean-Marc Mickeler, Global In addition to advancing our core audit potential client’s management team. Managing Director Audit & Assurance. of financial statements, a fundamental Global Audit & Assurance responsibilities component in our transformation is the Engagement risk classification associated include: expansion of our assurance services. with accepting an engagement is assessed We are ready to help our clients address as ‘normal’, ‘greater than normal’ or ‘much •• Developing and driving Audit & changing regulations, increasing greater than normal’ and is completed Assurance strategy complexities, and the challenges and prior to accepting a client and engagement. •• Setting audit methodology standards and possibilities provided by the development The engagement risk assessment process approving audit policy and methodology of new technologies. includes approval by the recommending changes with the objective of enhancing Partner and concurrence by the Client audit quality across the Deloitte network. We provide assurance services relating to Acceptance Committee (under the complex accounting matters, transactional leadership of the Reputation and Risk •• Driving key audit quality initiatives and events, finance organizations, internal Leader) to assess whether Deloitte Audit policies across the Deloitte network financial controls, and on an ever- may accept the client and the engagement. expanding range of topics that result from In addition, the decision to accept market disruption. We are addressing the appointment is approved by Deloitte critical needs for trust today, and adapting Audit’s Risk Leader if the engagement

09 2019 Transparency Report | Our purpose and commitment: audit quality

risk is assessed as ‘greater than normal’ a significant change (e.g., change in This includes Illumia, our global analytics or ‘much greater than normal’. Deloitte ownership or management, financial platform, as well as an integrated suite of Audit does not assume the acceptance condition, or nature of entity’s business), enabling innovation tools all connected in of a client and/or the engagement merely the continuance of the relationship is the cloud. Locally, we use existing global because it has been referred from another reassessed. Decisions of engagement enabling tools such as: Member Firm. In assessing the acceptance continuance are concurred with Deloitte •• Deloitte Connect: a secure online of an engagement, client and professional Audit’s Risk Leader. communication, information sharing, and service risks are considered, which progress tracking tool that facilitates a generally include the following factors: Audit innovation2 two-way dialogue between the Deloitte With The Deloitte Way, Deloitte is bringing •• Management characteristics and integrity team and client team to effectively innovation into the core of how we audit: manage engagement coordination. •• Organization and management structure with automation that improves routine tasks, analytics that yield a deeper and We have started and will strengthen further •• Nature of the business more insightful view into clients' data, and the use of other new global enabling tools: •• Business environment artificial intelligence that enhances human discovery and problem-solving. As a result, •• Iconfirm: a secure and automated •• Financial results our clients get an experience that is less management of the audit confirmation •• Business relationships and related burdensome, with more transparency and process that coordinates multiple parties deeper insight. stakeholders on a centralized platform to enhance audit quality and increase •• Prior knowledge and experience Innovation is an expectation in today’s efficiencies fast-changing business environment, •• Anti-Money Laundering and Counter •• Reveal: a sophisticated analytics Terrorist Financing risk exposure and this expectation holds true for the audit profession as well. Today’s complex application that assists engagement teams in performing substantive Deloitte Audit’s engagement risk business environment requires that the audit be dynamic, multidimensional, and analytical procedures using regression assessment procedures identify related analysis risks and provide a basis for tailoring insightful. There is a demand for real- the audit approach in order to address time, relevant information, and clients •• Power BI: a tool which enables our engagement-specific risks. expect audits to evolve as they innovate professionals to visualize and analyze their businesses and processes. While data without assistance from a specialist. The engagement risk assessment begins traditional procedures still have a place in during the engagement acceptance/ auditing, Deloitte Audit practitioners are We are also developing our next-generation continuance process, and is ongoing enhancing procedures by making more cloud-based audit delivery platform— throughout the engagement. Risk use of technology-based analytics, Artificial Omnia—in addition to Levvia, a solution to assessment tools and programs are Intelligence (AI), cognitive & cloud-based manage audit engagements of small and encompassed in the audit approach technologies, etc. This is due in part to the medium size undertakings. documentation to facilitate the increased automation and effectiveness comprehensive risk assessment for such data analytics and other tools may As a complement to the above global planning the audit once the engagement is provide, but also the need for Deloitte enabling tools, Deloitte Audit practitioners accepted. Audit to stay in front of technological are using in-house developed applications. advances used by the entities that we audit. By growing a dedicated local audit IT team On an annual basis, engagements in Innovation is an integral part of the entire and by including in our audit teams mixed process for more than one year are audit delivery process. profiles with audit, IT as well as project reassessed to determine whether Deloitte management skills, we are in a position to Audit should continue the engagement. Deloitte is committed to a continued carry out projects in all industries and to Factors discussed above are revisited to investment in emerging technologies leverage the skills of our talented people ascertain whether the relationship should and diversity of thought that enables the to pursue a threefold objective of quality, be continued. delivery of enhanced quality, insights, value added for our clients, and efficiency. In addition, any time an entity undergoes and value to our clients and the markets. The audit IT team has developed

2 For more information about Deloitte audit innovation, please refer to: Global Impact Report. 10 2019 Transparency Report | Our purpose and commitment: audit quality

automated solutions aimed at capturing •• Advancement policies and procedures seminars, or e-learning covering all areas and transforming the client data in order to to identify the experience and the of our competency model (e.g., shared load it into applications developed for audit performance qualifications for competencies, function-specific technical purposes. advancement to each level have been competencies, and competencies in areas established and communicated to of specialization). The audit IT team is also developing Deloitte Audit professionals innovative solutions to assist the Deloitte has also established specific •• Procedures for periodic performance professionals in the management of learning opportunities for specialists evaluation have been established audit engagements and resources. These working on audit engagements to support solutions aim at enhancing the monitoring •• A framework to assist professional staff their knowledge and understanding of of our professionals in terms of compliance, in identifying realistic career paths and the audit process. Enhanced project operations, staff scheduling, financials and/ developing action plans to help realize management, a key capability for or workload. professional goals has been established. performing audit engagements, has been included in annual development In parallel, our Audit Innovation Lab helps Learning and development initiatives programs. The objective of the Deloitte to boost the ideation process and to Within the Audit & Assurance Audit professional development program brainstorm about the audit of the future. Transformation initiative are various is to help Partners and other professionals enhancements to the Deloitte talent and maintain and enhance their professional Talent learning experience: competence and ensure consistency of Hiring audit performance. Deloitte Audit has established policies Deloitte’s innovative approach to the and procedures designed to ensure that audit delivery allows our professionals it has sufficient Partners and professional to use more advanced analytics, apply staff with the required competencies, the latest tools, technologies and more capabilities, and commitment to ethical critical thinking, spend more time applying principles in order to: professional judgment, and gain a deeper understanding of a client’s business and •• Perform engagements in accordance with industry—all contributing to enhanced professional standards and the applicable audit quality and an improved experience legal and regulatory requirements for our people. •• Enable Deloitte Audit to issue audit reports that are appropriate in the Deloitte Audit has made substantial circumstances investments in our talent and learning strategies and transformed the technical Advancement audit curriculum to build the proficiency Deloitte Audit’s policies and procedures required by level: for advancement have been established •• At the core, we have developed a single, to provide reasonable assurance global mandatory Audit technical learning that professional staff identified for curriculum for auditors, targeting advancement have the adequate learners by level, using a dynamic blend qualifications to fulfil the responsibilities of live instructor-led, and digital on- they will be called on to assume. Some demand courses and on-the-job activities of these policies and procedures are summarised below: •• All audit professionals are required to complete at least 20 hours of continuing •• Various professional staff levels within professional education (CPE) each year Deloitte Audit and a description of the and at least 120 hours every three years, competencies required to perform through structured learning programs, effectively at each level have been such as internal or external courses, developed

11 2019 Transparency Report | Our purpose and commitment: audit quality

Certain courses are mandatory (as Deloitte University •• For Equity Partners, the system is an established by Deloitte Global Audit Deloitte actively cultivates its collective earnings allocation process. Typically, Curriculum) and others are optional (local knowledge and the skills of our each Equity Partner is allocated interests industry trainings, soft skills etc). Through professionals globally through investments in the Deloitte Luxembourg Group, a learning monitoring system, each in Deloitte Universities (DU). These are known as units, under recommended professional follows the status of their state-of-the-art learning and development guidelines related to their level, role learning and takes the responsibility to centers focused on Deloitte culture, and in the Deloitte Luxembourg Group, ensure their own continuing professional rooted in the principles of connectedness responsibilities and overall performance development. In addition to this possibility and leadership in a highly inclusive learning appraisal, which is linked to a goal-setting to individually follow the learning plan, the environment3. Deloitte professionals process. At the end of the financial central Audit Learning Team monitors the benefit from leadership to client soft skills year, units are valued based on the completion of mandatory trainings via the programs in accordance with their grade performance of the Deloitte Luxembourg central learning platform. and enabling deeper connections across Group. The earnings of Equity Partners the Deloitte network. are determined by their number of units Our statutory auditors, approved at the applicable unit value. statutory auditors and professional •• Salaried Partners’ and Managing trainees follow the trainings required by Directors’ remuneration comprises a the CSSF according to the Law of fixed salary and a variable performance 23 July 2016 on the audit profession and related component determined upon the CSSF Regulation n°16-10 organizing overall performance appraisal geared the continuing education of approved to a goal-setting process and taking into statutory auditors supplemented by CSSF account their roles and responsibilities. Circular 19/717.

Partner remuneration To ensure that Partners and Managing Statement on policy followed by Execution of high-quality audits is expected Directors of Deloitte Audit focus on their Deloitte Audit concerning the from all professionals and is embedded primary responsibility to provide audit continuing education of the statutory across the Deloitte network. Audit quality is services of the highest quality, the policies auditors built into performance standards at every of Deloitte Audit, which are consistent with level, against which professionals’ overall the applicable regulations in Luxembourg, Deloitte Audit believes that the evaluations are measured. organization described above is forbid them from receiving compensation, bonuses, or other direct financial incentives appropriate in order to provide The compensation practices of Deloitte for selling products or services, other reasonable assurance that sufficient Audit are designed to comply with than audits, reviews, or assurance- training is given to professional staff in applicable independence requirements; related services, to the clients they serve. audit, accounting and industry specific to emphasize the shared values of Moreover, in determining the remuneration topics to continuously increase their quality, integrity, and technical excellence; of Deloitte Audit Partners and Managing capabilities, expertise and competence. and to assess the characteristics and Diectors, due consideration is given in their skills outlined in our human resources performance evaluations to the results of competency model. practice reviews and external inspections of their engagements.

3 For more information about Deloitte University, please refer to: Global Impact Report. 12 The high The experience of a high-quality audit, delivered properly, will provide audit committees, investors, and quality audits other stakeholders of our clients with (but not limited to): • An audit report that is appropriate to the we deliver circumstances. • Innovation in how we do the audit. • Valuable insights about their company Deloitte is proud of its role supporting the capital markets, protecting investors and the public trust.

13 2019 Transparency Report | Engagement performance

Engagement performance

Assignment of Partners and the engagement team collectively has and assertion level is vital to performing an professional staff to audit the relevant capabilities, competencies, effective audit. Deloitte Audit’s engagement engagements and sufficient time to perform the audit teams build this understanding and Deloitte Audit assigns responsibility engagement. Factors considered in this assess risks of material misstatement in for each audit engagement to an audit determination include, among others: a number of ways, including analyzing engagement Partner or Managing Director. financial information to identify trends •• The size and complexity of the entity’s Deloitte Audit’s policies define the and unusual balances; holding in-depth business responsibilities of an audit engagement discussions with management and those Partner and Managing Director and •• The applicable financial reporting charged with governance; considering the those responsibilities are communicated framework used in preparing the financial inherent nature of each financial statement to Partners and Managing Directors. statements component and the risks associated with The identity and the role of the audit that component; evaluating the design of •• Applicable independence considerations, engagement Partner or Managing Director relevant internal controls and determine including any possible conflicts of interest is communicated to key individuals of if they have been implemented; assessing the client’s management team and those •• The qualifications and expertise of the extent to which technology is used charged with governance. Deloitte Audit professional Staff in the financial reporting process; and, if also has policies and procedures in place applicable, reviewing internal audit findings. so that Partners and professional staff Audit approach assigned to all audit engagements have the Deloitte Audit’s audit approach includes As necessary, based on the nature of appropriate degree of proficiency. requirements and guidances to assist the entity’s information systems and in the planning and performance of the extent to which technology plays a An engagement team ordinarily includes audit engagements and is based on role in the transaction processing and one or more of each of the following: the International Standards on Auditing financial reporting processes, information audit engagement Partner or Managing issued by the International Auditing technology specialists and other experts Director, audit manager, field senior and and Assurance Standards Board of may be involved in the audit engagement. relevant experts or specialists. However, IFAC as adopted for Luxembourg by the the engagement team will be developed Commission de Surveillance du Secteur Audit procedures based on the size, nature, and complexity Financier. Deloitte Audit has further Engagement teams tailor the audit plan to of the entity’s operations. Every audit supplemented these requirements and address the risks associated with the entity, engagement team is under the control guidances to reflect local requirements, the audit engagement, and the financial and supervision of the audit engagement as applicable. Standard documentation statements as a whole. Throughout the Partner or Managing Director to whom and the enabling software technology audit, engagement teams continually responsibility for the conduct of all audit are tools that enhance the consistent assess risk and how audit findings bear on services on the engagement is assigned. implementation of the Deloitte Audit’s the audit procedures. Deloitte Audit's audit The audit manager assigned to the audit approach and promote effectiveness approach allows Partners and professional engagement is responsible for providing and efficiency. staff to adapt the audit procedures to primary supervision and direction to the address issues that arise in the course of professional staff in the execution of the The following are the main elements of the audit. audit plan and in the performance of Deloitte Audit’s audit approach: the audit engagement. The field senior is Audit procedures to address risks of responsible for the day-to-day supervision Understanding of the entity and material misstatement include substantive of the other members of the engagement its environment procedures, which comprises tests team. Specialists and other experts An understanding of the entity and of details and substantive analytical are also involved as needed. The audit its environment, including its internal procedures, and tests of the operating engagement Partner or Managing Director controls, to assess the risks of material effectiveness of controls. considers many factors to determine that misstatement at the financial statement

14 2019 Transparency Report | Engagement performance

15 2019 Transparency Report | Engagement performance

Use of experts Engagement team reviews The reviewer conducts the review in such While the audit engagement Partner A review of the audit documentation is a manner that sufficient knowledge and retains responsibility for all aspects of the required to be performed by a member understanding is given in order to reach engagement, there are instances when of the engagement team who has more conclusions. The reviewer’s responsibility the engagement team has recourse to an experience than the preparer. In some is to perform an independent review expert. In such instances, an engagement cases, items of the audit documentation of significant auditing, accounting, and team evaluates whether the expert has may be reviewed by several team financial reporting matters, to document the necessary independence, competence, members. the procedures the reviewer performed capabilities, and objectivity. Competence and to conclude, based on all the relevant and capability of the internal expert is Engagement quality control reviews facts and circumstances of which the covered centrally. Statutory audit reports on the annual reviewer has knowledge, that no matters In evaluating whether or not the expert’s accounts or consolidated accounts and all that have come to his or her attention work constitutes appropriate audit other engagements referred to in the Law would cause the reviewer to believe that evidence in support of the financial of 23rd July 2016 on the audit profession as the significant judgments made and the information, the engagement team amended, for approved statutory auditors conclusions reached were not appropriate considers: (réviseurs d’entreprises agréés) are signed in the circumstances. by Partners or Managing Directors who •• The source data used are approved statutory auditors (réviseurs Consultation network and differences •• The assumptions and methods used, if d’entreprises agréés). of opinions appropriate, their consistency with those Deloitte Audit has established a used in the prior period An engagement quality control review consultation network to resolve issues is performed for all audits and related identified by the engagement teams. •• The results of the expert’s work in assurance services for which such a Consultations include technical accounting light of the engagement team’s overall process is required, engagements which and auditing matters regarding the knowledge of the business and of the are not subject to such an independent application and interpretation of applicable results of its audit procedures review are granted exemption based on standards and reporting issues or on established criteria. any other queries pertaining to an Engagement documentation audit engagement that requires specific Deloitte Audit maintains policies and The quality review is performed by a knowledge. procedures to support the compilation Partner or a manager who is not directly and archiving of audit files whereby the involved in the engagement and who has To enable the technical consultation audit engagement team submits the audit the appropriate experience and knowledge process, Deloitte Audit has a national files for archiving within the shorter of of applicable accounting and auditing accounting and auditing consultation (1) 60 days from the date of the report standards and regulations. Relevant department. A Member Firm Professional or (2) the period set out in applicable experience and knowledge includes Practice Director with specialized technical professional standards and regulatory and thorough understanding of the entity’s skills and experience is supported by legal requirements. Deloitte Audit’s policies industry, economic environment, and subject matter resources in various areas and procedures address the retention accounting principles. For all public interest such as regulatory filing requirements; of documents (in paper and electronic entities and all high-risk engagements, technical auditing requirements; and form), including those that address the the review is performed by a director or complex accounting matters. Deloitte Audit confidentiality, safe custody, integrity, a Partner with sufficient and appropriate maintains policies and procedures for the accessibility, and retrievability of archived experience. resolution of differences of opinion among documentation. Partners and others who are assigned to the engagement team.

16 2019 Transparency Report | External and internal audit quality monitoring

External and internal audit quality Multidisciplinary model

Audit is the foundation of the monitoring Deloitte brand. In addition to Audit & Assurance, Deloitte Luxembourg Group has Consulting, Financial Advisory, Risk Advisory, and Tax & Legal practices. The diversity of Audit Quality Monitoring & •• Fundamental understanding of five different businesses under one Measurement deficiencies and timely execution umbrella (multidisciplinary model) is A continued focus on audit quality of corrective actions by all member one of the key differentiators of high- is of key importance to the Deloitte firms consistently quality audits. brand. It is critical that a Deloitte •• Enhanced transparency and Among the benefits of the audit is consistently executed and consistency in reporting key multidisciplinary model for audit: of high quality. The objectives of the measures of audit quality Global Audit Quality Monitoring & •• It is possible to develop industry Measurement (AQMM) programme Deloitte Audit maintains policies and insights through multiple lenses, are to: procedures to promote an internal which enhances auditors’ •• Transform the way audit quality is culture based on the recognition that understanding of business risks monitored and measured and audit quality is our priority. Deloitte Audit relevant to conducting audits. deficiencies are resolved; and focuses on professional excellence •• The audit practice has immediate as the foundation for achieving audit •• Enhance the internal system of access to specialized resources and quality on a consistent basis. quality control which all Deloitte expertise in other business lines. network firms follow It promotes audit quality because auditors can tap the expertise of The AQMM program is focused on advisory professionals who are driving: skilled in subjects that often are not native to auditors. •• Continuous, consistent, and robust monitoring of completed and in-flight •• A diverse organization helps attract engagements and retain premier talent.

•• Intellectual capital is available within the network to innovate audit processes, technologies, etc.

Negative quality events have the potential to impact the Deloitte brand as a whole. As such, each non- audit Deloitte business has a shared and vested interest in supporting audit quality initiatives.

17 Audit Quality Monitoring & Measurement

Engagement reviews

In-flight monitoring System of quality control

Remediation External inspections

Causal factor analysis 2019 Transparency Report | External and internal audit quality monitoring

In-flight monitoring System of quality control (SQC) work is done, and necessary focus on Continuous audit quality monitoring SQC includes numerous elements engagement staffing, including sufficiency by Deloitte Audit drives a faster response such as documenting key areas of the SQC and expertise of assigned resources. to audit issues on “in-flight” engagements, processes and controls and performing driving identification, timely solutions, and procedures for testing the operating Causal factor analysis real time corrective actions achieved by: effectiveness of the SQC, including and remediation execution of a comprehensive SQC review Focusing on continuous improvement •• Deployment and monitoring of a program. is essential to driving improvements in series of core Diagnostics, enabling audit quality. Understanding why audit engagement Partners and teams, as well The following key components of the deficiencies occur is essential to the design as Deloitte Audit audit quality leader(s) to overall risk management and quality of effective actions to remediate findings. continuously monitor audit quality and control policies and procedures of the Firm Further, actions are taken when audit take immediate action. are also reviewed in the context of the deficiencies in the performance of an audit •• A program of subject matter specific internal practice review: engagement are identified. Engagment “health checks” to assist Deloitte Audit level remediation is imperative to drive •• Reputation protection and risk audit quality leader(s) in assessing continuous improvement in audit quality management program, including client progress and identifying potential issues and avoid future similar findings. An Audit and engagement acceptance and on in-flight engagements. Quality Plan is prepared by Deloitte Audit continuance and provides for effective implementation Engagement reviews •• Independence and monitoring of key audit quality Key components of engagement priorities. •• Leadership reviews (internal practice reviews) include: •• Ethics External inspections •• Risk-based engagement selection and In addition to Deloitte Audit’s own consideration of all major industries •• Monitoring monitoring of audit quality, we are subject served by Deloitte Audit. Commission de •• Human Resources to external reviews by the Surveillance du Secteur Financier •• Mandatory moderation panel to drive (“CSSF”). •• Engagement performance consistency in findings and engagement ratings. External inspections Used in conjunction with other metrics, The CSSF is currently in the process •• External Partners and deputies who Audit Quality Indicators (AQIs) further assist of finalizing its ninth quality review oversee practice reviews to increase Deloitte Audit in developing and monitoring of Deloitte Audit which started in global consistency. audit quality action plans and reporting on April, 2019 the progress in its audit quality journey. •• Identifying appropriate resources (from AQIs are integrated with ongoing AQMM within Deloitte Audit as well as from activities. other Deloitte geographies) with the Statement on the effectiveness of the right experience and industry expertise, functioning of the internal quality In addition, proper timing and sequencing including establishing central review control system of audit activities, including timely teams We confirm that we are satisfied that our reviews of work performed and the internal quality controls and systems are resolution of matters identified, are robust, operate effectively, and allow us Internal inspections closely associated with high quality audits. to readily identify any areas of potential Our last internal practice review Audit Quality Milestones are intended to enhancement. We continually seek to refine process started in February 2019 drive consistency of engagement teams all aspects of our business and we use and covers the year 2018 in project management, timing of when the findings of the practice review, other internal reviews and external regulatory reviews to enhance our system of quality control.

19 The organizational capabilities we build

Deloitte culture and the audits known as The design of our learning Deloitte Way, provide programs place our the foundation for our people at the forefront. commitment to bring Deloitte professionals consistency to our audits. are technically proficient with high levels of ethics, We are driving a integrity, professional sustainable audit and skepticism, and objectivity, assurance business and continuously that compensates its enhancing. people fairly and funds ongoing investment in our Deloitte is committed to business. developing its people and accelerating their careers by creating a life-long learning environment. We are advancing audit education, skillsets, and flexible career options that appeal to future auditors.

In addition, operational discipline, effective management of our business, and the development of a singular approach to doing

20 2019 Transparency Report | Independence, ethics, and additional disclosures

Independence, ethics, and additional disclosures

Independence staff, and certain relatives thereof, The Firm has policies and procedures where applicable, as well as the other that are designed to provide reasonable entities within the Deloitte Luxembourg Deloitte Global Independence assurance that it complies with applicable Group. These policies and procedures Sets independence policies and laws, regulations and professional are, in some instances, more restrictive procedures based upon the Code of standards that relate to independence. than the independence standards in Ethics for Professional Accountants These policies and procedures are based the Law, the Regulation or the Code issued by the International Ethics on those set out in the Law of 23 July and contain specific independence Standards Board for Accountants 2016 on the audit profession, Regulation requirements that are applicable and the independence standards (EU) n°537/2014 on specific requirements when Deloitte Audit is to maintain of the US Securities and Exchange regarding statutory audit of public interest independence with respect to an audit Commission and the Public entities, the Ethical Code issued by the or attest client (‘restricted entity‘) and Company Accounting Oversight International Ethics Standards Board its affiliates. Partners and professional Board. Performs full reviews of for Accountants (‘the Code‘), and are staff determine, among other things, independence quality controls on enhanced, as appropriate, to reflect local whether an entity is a restricted entity a three-year cycle; annual focused supplements provided notably through before they, their spouse, spousal reviews for the off-cycle years; CSSF Regulation 19-02, or DTTL policies equivalent, and dependents engage and in-depth follow-up reviews as that may be more restrictive. in certain transactions with the entity. needed. Partners and managerial personnel Deloitte’s system of quality control related enter their financial interests and Performs on-going monitoring to independence includes the following: securities accounts into a tracking activities of firms—enabling • Independence policies and procedures system (the ‘Global Independence continuous enhancements to global • Compliance business process tools, Monitoring System‘ or ‘GIMS‘). GIMS policies, quality controls, tools, and including the Deloitte Entity Search and enables an electronic review of financial practice support activities. Compliance (DESC) System, the Global interests and securities accounts to help Delivers global systems to Independence Monitoring System (GIMS) identify if independence restrictions provide professionals with entity confirmations, and consultation may affect an individual’s ability to hold information to support compliance • Business relationship assessment and such items. The Firm annually obtains with personal and professional monitoring the confirmations from its Partners, independence requirements, • Independence learning professional staff, and administrative including financial interests and • Monitoring of independence systems and staff upon joining Deloitte, as well as scope of service approvals. controls relating to personal independence, ongoing confirmations on an annual and engagement and practice reviews basis, that such individuals are in Supports independence • Disciplinary measures and actions personal compliance with independence awareness across the Deloitte • Assignment of responsibility for policies. network through active engagement independence systems and controls with independence and business • 'Tone-at-the-top' culture relating to Deloitte’s independence policies leadership groups, periodic independence. and procedures are made available communications and alerts, and electronically to Deloitte Partners, development of guidance, learning Independence policies and procedures professional staff, and administrative and instructions. Deloitte’s independence policies and staff. Updates to these policies procedures cover the audit firm, and and procedures are also made and Deloitte Audit’s Partners, professional communicated electronically to

21 2019 Transparency Report | Independence, ethics, and additional disclosures

Deloitte Partners, professional staff, and is continuously updated to help ensure This includes investments and securities administrative staff. its accuracy and completeness, including accounts of a spouse, spousal equivalent, periodic validation processes performed and dependent. Partners and managerial DESC system, GIMS, annual by engagement teams and/or the DTTL personnel enter defined types of such confirmations and consultations Member Firms. Deloitte’s Partners and financial interests and accounts into their professional staff access the DESC system individual portfolios in GIMS for monitoring There are three related aspects of the on-line. purposes. Firm’s systems and controls related to the Firm’s independence and the personal The DESC system also has features that are In addition, GIMS assists Partners and independence of its Partners, professional used to request and document approvals managerial personnel by identifying staff and administrative staff: the DESC related to providing services to an entity. situations which do not comply with the system, GIMS, and the independence In many jurisdictions, a restricted entity’s Firm’s policy so that the item may either confirmation process. These three audit committee or others charged with be reviewed or corrected. When such a aspects support each other in that (1) governance must preapprove services that situation is detected, the system advises Partners and professional staff search will be delivered within the restricted entity the individual that an independence- DESC system, (which includes a database group. impairing situation may exist, and poses of international restricted entities) and/ questions which aid the individual to or GIMS (which has a database of financial Where such features are enabled, the DESC determine whether or not the item is interests and securities accounts), to system’s features establish a standard permitted in the particular circumstances. identify if an entity or its financial interests business process among the DTTL Member This includes generating notices to the and securities accounts are restricted Firms whereby service requests are individual in situations where a once- before acquisition; (2) Partners and submitted to the lead client service Partner, permissible holding becomes newly managerial personnel record their financial who is responsible for obtaining and restricted, so that appropriate and timely interests and accounts in their portfolios documenting appropriate authorizations actions can be taken. The Firm monitors in GIMS; and (3) Deloitte Audit periodically prior to approving the service request. and follows up on such notices until the obtains confirmations from its personnel individual resolves the item. as to their compliance with the Firm’s GIMS independence policies, and also confirms Global Independence Monitoring Annual independence confirmations to DTTL its compliance and the compliance System The Firm obtains independence of its personnel with Deloitte Audit’s An application that contains financial confirmations from its Partners, independence policies. relationship data with relevant professional staff, and administrative staff independence compliance indicators. upon joining the Firm, Partners before DESC being admitted to the partnership and Deloitte Entity Search and Compliance In conjunction with the business processes existing Partners when a change in location A global, searchable database containing used for DESC, the Firm identifies and or role may change their independence specific entity information relevant in reports the publicly-available securities and requirements. Ongoing confirmations determining personal and professional securities accounts at financial institutions are also obtained on an annual basis independence restrictions. that are associated with all entities from all individuals. Annually, Deloitte which are publicly available, whether Luxembourg Group reports to DTTL that The DESC system is operated by DTTL on or not they are currently designated as it has taken appropriate steps to obtain behalf of the DTTL Member Firms. At a international restricted entities. Such sufficient evidence that it and its Partners, minimum, each DTTL Member Firm and securities and financial institutions are professional staff and administrative staff therefore Deloitte Audit reports the names recorded in GIMS. GIMS is operated by comply with applicable independence of its audit clients and their affiliates that DTTL on behalf of the DTTL Member requirements (including that the Firm itself meet the definition of an international Firms, and Deloitte Audit administers the is independent of restricted entities). restricted entity. The policy definition of related monitoring processes related to its an international restricted entity includes Partners and professional staff. Partners Consultation network listed audit clients, as well as other audit and professional staff search DESC, and/or The Firm communicates with its Partners clients that may be of public interest. GIMS for a security or securities account, and professional staff regarding the Such restricted entity information is before acquiring a financial interest consultation policies for independence recorded in the DESC system. The entity or establishing a securities account to matters and identifies the individuals who information provided by the Firm to DTTL determine if restrictions apply that affect are to be contacted. Additionally, the Firm them.

22 2019 Transparency Report | Independence, ethics, and additional disclosures

consults with DTTL’s independence group determine whether the representations independence matters that are relevant to and other Member Firms when additional and information submitted by Partners the Firm. DTTL has assigned a senior leader input or advice is needed under the and managers relating to independence and DTTL independence team members circumstances. matters and the information contained in who provide access to timely and accurate GIMS are accurate and complete. information designed to facilitate the Business Relationship Assessments independence function at the Firm level. and Monitoring Inspection of Deloitte Audit’s The Firm has a business relationship compliance ‘Tone-at-the-top‘ culture relating to assessment and monitoring process. The Deloitte Audit is subject to a practice independence objective of such process is to ensure review at intervals not to exceed three The Firm’s leadership reinforces that prior to entering into any business years. Compliance with independence the importance of compliance with relationship with a restricted entity or its policies at both firm level and at client level independence and related quality management or substantial stockholders, is reviewed in that context. control standards, thereby setting the a determination is made to ensure such a appropriate ‘tone-at-the-top‘ and instilling relationship does not impair independence Disciplinary measures and actions its importance into the professional with respect to that restricted entity. The Firm has disciplinary policies and values and culture of Deloitte. Strategies procedures in place to address non and procedures to communicate the Independence learning compliance with Deloitte’s independence importance of independence to Partners, The Firm provides independence policies and procedures. These disciplinary professional staff, and administrative staff learning to its Partners and professional policies and procedures are designed have been adopted, emphasizing each staff. The Firm’s independence policies to provide an appropriate response to individual’s responsibility to understand and procedures are made available breaches of such policies and procedures the independence requirements. electronically to Deloitte Audit’s Partners, by Partners, professional staff and professional staff and administrative staff. administrative staff. Conflicts of Interest Updates to these policies and procedures Potential conflicts of interest are are also made and communicated Assignment of responsibility for considered on all prospective engagements electronically to Deloitte Audit’s Partners, independence systems and controls and prior to Deloitte Audit entering into professional staff and administrative staff. The Firm has assigned a Director of a financial or business relationship with Moreover, other independence related Independence who has the responsibility a third party. The Firm has policies and materials are available on an independence to implement and maintain quality procedures in place to identify potential website. Reminders on policy and other controls over independence. More conflicts of interest in connection with matters are routinely published as part specifically, the Director of Independence Deloitte Audit either (i) accepting a of communications including notices is responsible for taking the lead on all prospective engagement or (ii) entering into of changes to internationally restricted significant independence issues within certain business or financial relationships entities. the Firm including Deloitte Audit, covering with another entity. the implementation and maintenance On a periodic basis, The Firm inspects of the Firm’s business processes related The Deloitte Conflict Checking System its Partners and senior professionals for to (1) independence consultations, (2) (DCCS) is designed to support the Firm’s compliance with Deloitte’s independence independence learning programs, (3) conflict checking business process to policies and procedures. restricted-entity information in the identify and manage potential conflicts DESC system, (4) use and monitoring relating to prospective cross-border Monitoring of independence systems of the features of the DESC system, (5) engagements, business or financial and controls relating to personal use and monitoring of GIMS, (6) annual relationships. For each new cross-border independence, engagement and confirmations, (7) testing and inspection engagement or relationship opportunity, practice reviews programs, and (8) disciplinary processes. DCCS captures the principal parties to Inspection of personal independence Communication channels exist between the engagement, the scope of work, compliance the Firm’s Director of Independence, engagement team, and specific questions On a periodic basis, The Firm inspects Deloitte Audit management and DTTL’s which are driven by the proposed service its Partners and senior professionals for independence group. Further, the Director offering. As part of each conflict check compliance with Deloitte’s independence of Independence provides updates to the recorded in DCCS there is an automated policies and procedures. The objective of Firm’s Risk Committee about the significant search of the DESC system to identify the inspection and testing program is to

23 2019 Transparency Report | Independence, ethics, and additional disclosures

any potential audit/attest relationships. requires attention. Overall DCCS provides a record of existing (c) For Rotation of managerial engagement, business, and financial personnel (IESBA) relationships which can be searched The wide variety in the composition of when proposing for new engagements or audit teams and the authority placed relationships. in the person of the Key Audit Partners is such that a mechanical approach to Rotation of Key Audit Partners mitigating familiarity risk at manager level and professionals is not appropriate. Instead, the Director Deloitte Audit has monitoring procedures of Independence will work with the audit in place to ensure compliance with risk function to establish and maintain a mandatory rotation/tendering of audit Watch-List of audit engagements where a firms, mandatory rotation of Key Audit Manager, Senior Manager or Director has Partners and mandatory rotation of served for five years continuously or more. managerial personnel as follows: (d) Appropriate gradual rotation (a) For rotation of Key Audit Partners mechanism for the most senior personnel IESBA: No Key Audit Partner shall serve an on audits of EU-PIEs Reference is made to audit client which is a Public Interest Entity Article 17(7) of Regulation (EU) 537/2014. (DPM-PIE) for more than seven consecutive years. Up to five further years must elapse Confirmation of review of before resuming any Key Audit Partner independence practices and role for the same client. Key Audit Partner monitoring rotation shall also be considered for non- Based on the above actions, we are able PIE clients where certain criteria are met, to confirm that an internal review of our such as those which are designated as independence practices has been properly (Much) Greater than Normal Risk. conducted during the year. Our practice SEC: In the case of an audit client which is review and other monitoring processes an SEC Registrant (Issuer), the maximum provide us with reasonable assurance that number of consecutive years shall be these policies are appropriately observed. five. In the case of a significant subsidiary of an SEC Registrant (Issuer), (as advised Ethics by the LCSP), the maximum number of The Firm maintains policies and procedures consecutive years shall be seven. No that are designed to provide reasonable exceptions may be tolerated to this rule. assurance that its professionals comply The cooling-off period remains two years. with relevant ethical requirements. EU-PIE: In the case of an audit client which The Firm also complies with Deloitte Global is an EU Public Interest Entity, as defined policies and procedures, which align with Global Principles of Business Conduct and in that legislation, the maximum number the requirements and guidance set out describes critical professional behavior of consecutive years served by a Key Audit in the Code of Ethics for Professional that reflects local customs, regulations, Partner shall be seven, with a cooling-off Accountants (the “Code”) issued by the and legal requirements. The Firm provides period of three years. The legislation does International Ethics Standards Board for communication channels through which not provide for any exceptions to this rule. Accountants as adopted by the “Institut des Partners, other professionals and support In the case of all other audit clients, Réviseurs d’Entreprises” (“IRE”), a standard- staff can consult on and report ethical a reasonable effort shall be made to setting body of the International Federation issues and situations. The Firm reinforces comply with the principles set out above of Accountants (IFAC). its commitment to ethics and integrity and, in particular, minimize the number through communication tools, learning and duration of cases where Key Audit Deloitte Luxembourg Group has appointed programs, compliance processes, and Partners serve a client for more than seven an Ethics Officer who is an experienced measurement systems. In addition, it consecutive years. Partner with direct access to the CEO and requires all Partners, other professionals (b) Routine Monitoring – Rotation Panel the member firm’s governing body. In and support staff to confirm annually that On a quarterly basis, the Rotation Panel addition, Deloitte Luxembourg Group has they read and comprehend the code of reviews those client situations where the developed and implemented its own code conduct, and understand that it is their issue of Key Audit Partner (KAP) rotation of conduct, which incorporates the Deloitte responsibility to comply with it.

24 Deloitte Global Ethics and Integrity Imperative

Deloitte is committed to conducting business with honesty, distinctive quality, and high standards of professional behavior.

Deloitte’s Global Principles of Business Conduct (“Global Code”) outlines Deloitte’s ethical commitments as a network and expectations for Deloitte’s approximately 286,000 people, giving a strong, principled foundation. The Deloitte Integrity Imperative amplifies the Global Code across the network by empowering leaders to set a strong tone from the top; encouraging people to speak up when they witness anything that runs counter to the Global Code; and helping Deloitte act quickly and appropriately in the face of misconduct.

The Deloitte Global Ethics team and member firm ethics Global Principles of officers work closely with senior Business Conduct Deloitte leaders to build and enhance the foundations of the network’s ethics program, which Global ethics policies is comprised of the following elements:

Reporting channels and non-retaliation policy Elements of the Deloitte ethics program

Annual ethics survey

Ethics practice- review program

Ethics learning programs and communications Management teams, audit committees, investors, Shaping the regulators, and standard setters all play critical roles in future of the shaping the environment in which audits are performed. We strive to engage with these parties, both formally audit profession and informally, to share, offer and debate ideas with the objective of ensuring the relevance of audit and assurance to the capital markets.

26 Appendices 2019 Transparency Report | Appendix A

Appendix A | EU/EEA audit firms

Disclosure in accordance with Article 13.2 (b)(ii)-(iv) of the EU Audit Regulation

EU/EEA Member State (Article 13.2 (b)(iii) EU Audit Regulation: the countries in which each audit firm that is a member of the network is qualified as a statutory auditor or has its registered office, central administration or principal place of business)

Name of audit firms carrying out statutory audits in each Member State (Article 13.2 (b)(ii) EU Audit Regulation: the name of each audit firm that is a member of the network)

EU/EEA Member Name of audit firms carrying out statutory audits in each Member State State Deloitte Audit Wirtschaftsprüfungs GmbH Deloitte Burgenland Wirtschaftsprüfungs GmbH Deloitte Niederösterreich Wirtschaftsprüfungs GmbHww Austria Deloitte Oberösterreich Wirtschaftsprüfungs GmbH Deloitte Salzburg Wirtschaftsprüfungs GmbH Deloitte Tirol Wirtschaftsprüfungs GmbH Deloitte Wirtschaftsprüfung Styria GmbH Belgium Deloitte Bedrijfsrevisoren / Réviseurs d’Entreprises CVBA / SCRL Bulgaria Deloitte Audit OOD Croatia Deloitte d.o.o. za usluge revizije Cyprus Deloitte Limited Czech Republic Deloitte Audit s.r.o. Denmark Deloitte Statsautoriseret Revisionspartnerselskab Estonia Deloitte Audit Eesti AS Finland Deloitte Oy Deloitte & Associés Deloitte Marque & Gendrot Deloitte Marque Gendrot Audalian Commissaire BEAS Cisane Constantin Associés Constantin Entreprises France Consultants Auditeurs Associés DB Consultants Durand & Associés ECA Audit Jacques Serra et Associés Laurens Michel Audit Opus 3.14 Audit Et Conseil Pierre-Henri Scacchi et Associés Revi Conseil Deloitte GmbH Wirtschaftsprüfungsgesellschaft Germany Deutsche Baurevision GmbH Wirtschaftsprüfungsgesellschaft SüdTreu Süddeutsche Treuhand GmbH Wirtschaftsprüfungsgesellschaft Greece Deloitte Certified Public Accountants SA Hungary Deloitte Könyvvizsgáló és Tanácsadó Kft.

28 2019 Transparency Report | Appendix A

Iceland Deloitte ehf. Ireland Deloitte Ireland LLP - Republic of Ireland Italy Deloitte & Touche S.p.A. Latvia Deloitte Audits Latvia SIA Liechenstein Deloitte (Liechtenstein) AG Lithuania Deloitte Lietuva, UAB Luxembourg Deloitte Audit Malta Deloitte Audit Limited Netherlands Deloitte Accountants B.V. Norway Deloitte AS Deloitte Audyt spółka z ograniczoną odpowiedzialnością spółka komandytowa Poland Deloitte Audyt spółka z ograniczoną odpowiedzialnością Portugal Deloitte & Associados, SROC S.A. Romania Deloitte Audit S.R.L. Slovakia Deloitte Audit s.r.o. Slovenia Deloitte Revizija d.o.o. Spain Deloitte, S.L. Sweden Deloitte AB Deloitte LLP United Kingdom Deloitte Gibraltar Limited Deloitte NI Limited

Disclosure in accordance with Article 13.2 (b)(iv) of the EU Audit Regulation

The total turnover achieved by the audit firms that are members of the network, resulting from the statutory audit of annual and consolidated financial statements: € 2 billion1

1 Amount represents an estimate determined based upon best efforts to collect this data. Certain Deloitte audit firms registered to perform statutory audits in respective Member States provide statutory audit services as well as other audit, assurance and non-audit services. While Deloitte endeavored to collect specific statutory audit turnover for each EU/EEA Deloitte audit firm, in certain cases turnover from other services has been included. The turnover amounts included herein are as of 31 May 2019, except for a limited number of instances where a Deloitte audit firm has different financial year-end or has not finalized its reporting for such period. In these cases, turnover amounts are for the relevant financial year or preceding financial year. Where currency other than Euros is used in the Member State, the amount in Euros was translated using an average exchange rate in effect for the period 1 June 2018 to 31 May 2019.

29 2019 Transparency Report | Appendix B

Appendix B | Financial information

Disclosure in accordance with Article 13.2 (k) (i)-(iv) of the EU Audit Regulation

The breakdown of Deloitte Audit’s turnover (unaudited) for the year ended on 31 May 2019:

Turnover (in million EUR)

Statutory audit (PIEs or PIE subsidiaries) 20

Statutory audit (non-PIEs or non-PIE subsidiaries) 42

Non-audit services (audited entities) 11

Non-audit services (other entities)1 42

Total Deloitte Audit 115

Consolidated turnover of Deloitte Luxembourg Group 363

1 Non audit services to other entities include contractual audits

30 2019 Transparency Report | Appendix C

Appendix C | Public interest entities

Disclosure in accordance with Article 13.2 (f) of the EU Audit Regulation

Public Interest Entities audited for Statutory Purposes by Deloitte Audit in the Financial Year 2019:

Name abc SME Lease Germany SA Allfunds Bank International S.A. APERAM Aphex S.A. APICIL Life S.A. ArcelorMittal S.A. AVIABEL RE B&S Group S.A. Banque Havilland S.A. Banque J. Safra Sarasin (Luxembourg) S.A. Belfius Financing Company S.A. BGL BNP Paribas BI SICAV BlueRe m.a. BNP Paribas Fortis Funding S.A. BNP Paribas S.B. Ré. BPER Bank Luxembourg SA Builders Direct S.A. Builders Reinsurance S.A. CARDIF LIFE Cardif Lux Vie Cartesian Residential Mortgages 1 S.A. Cartesian Residential Mortgages 2 S.A. Cartesian Residential Mortgages 3 S.A. CattRe S.A. CEB CAPITAL S.A. Cheyne Capital Guaranteed Credit S.A. CNA Insurance Company (Europe) S.A. Codeis Securities S.A. CompAM Fund COMURA S.A. DANSKE BANK INTERNATIONAL S.A. Diversified European Credit S.A. EAST-WEST UNITED BANK S.A. E-Carat S.A. eleX Alpha S.A. Euroclear Investments European Credit (Luxembourg) S.A. FABS LUXEMBOURG I S.A.

31 2019 Transparency Report | Appendix C

Foyer Assurances S.A. FOYER Réassurance S.A. Foyer Santé S.A. Foyer Vie S.A. Foyer-Arag S.A. Globant S.A. GS Ré - Société de Réassurance du Groupe GRAS SAVOYE HOLCIM FINANCE (Luxembourg) S.A. Holcim US Finance S. à r.l. & Cie S.C.S. International Shipowners Reinsurance Company S.A. Internaxx Bank S.A. Jarna Issuance Vehicle S.A. John Deere Bank S.A. John Deere Cash Management S.A. Kernel Holding S.A. KEYTRADE BANK LUXEMBOURG S.A. Kleos Space S.A. Le Sphinx Assurances Luxembourg S.A. Luxempart S.A. LYXOR Index Fund Mitsubishi UFJ Investor Services & Banking (Luxembourg) S.A. Monceau Euro Risk, Société Anonyme de Réassurance Nord Europe Life Luxembourg S.A. Novus Capital Luxembourg S.A. Nuclear Industry Reinsurance Association Oakham S.A. Opus Securities S.A. Ossiam Lux SICAV PFA Investment Fund Principal Residential Investment Mortgages 1 S.A. RAIFFEISEN VIE S.A. REACOMEX Saham Réassurance Luxembourg S.A. SGFD, Société Générale Financing and Distribution SI UCITS ETF Sistema International Funding S.A. SOCIETE GENERALE CAPITAL MARKET FINANCE, en abrégé SGCMF Société Générale Ré S.A. SOGELIFE S.A. SPARINVEST SICAV Stork Acceptance S.A. SUMUS FUND SURASSUR S.A. TCW Funds THE GENESIS EMERGING MARKETS INVESTMENT COMPANY The OneLife Company S.A. The West of England Ship Owners Mutual Insurance Association (Luxembourg) UniCredit International Bank (Luxembourg) S.A. Universal Credit S.A. VITIS LIFE S.A. WEALINS Wells Fargo (Lux) Worldwide Fund 32 Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited (“DTTL”), its global network of member firms, and their related entities. DTTL (also referred to as “Deloitte Global”) and each of its member firms are legally separate and independent entities. DTTL does not provide services to clients. Please see www.deloitte.com/about to learn more. Deloitte is a leading global provider of audit and assurance, consulting, financial advisory, risk advisory, tax and related services. Our network of member firms in more than 150 countries and territories serves four out of five Fortune Global 500® companies. Learn how Deloitte’s approximately 286,000 people make an impact that matters at www.deloitte.com. This communication contains general information only, and none of Deloitte Touche Tohmatsu Limited, its member firms or their related entities (collectively, the “Deloitte network”) is, by means of this communication, rendering professional advice or services. Before making any decision or taking any action that may affect your finances or your business, you should consult a qualified professional adviser. No entity in the Deloitte network shall be responsible for any loss whatsoever sustained by any person who relies on this communication.