That is correct.
Evidence of meeting #112 for Public Accounts in the 44th Parliament, 1st Session. (The original version is on Parliament’s site, as are the minutes.) The winning word was kpmg.
A video is available from Parliament.
Evidence of meeting #112 for Public Accounts in the 44th Parliament, 1st Session. (The original version is on Parliament’s site, as are the minutes.) The winning word was kpmg.
A video is available from Parliament.
11:15 a.m.
Liberal
Valerie Bradford Liberal Kitchener South—Hespeler, ON
With ArriveCAN specifically, what were your duties and what was your level of oversight in the project?
11:15 a.m.
Partner and National Leader, Cybersecurity, KPMG
KPMG had no oversight at all of the application's development. Our role was specific to the cybersecurity assessment of the ArriveCAN application and the underlying cloud platform, and that's what we executed. We provided oversight of the work that we performed for that ask.
11:15 a.m.
Liberal
Valerie Bradford Liberal Kitchener South—Hespeler, ON
How can cybersecurity and ensuring that robust systems are in place go hand in hand with the hiring out of independent third party contractors as subcontractors?
11:15 a.m.
Partner and National Leader, Cybersecurity, KPMG
I'm not clear on your question. Could you kindly rephrase it?
11:15 a.m.
Liberal
Valerie Bradford Liberal Kitchener South—Hespeler, ON
Cybersecurity is one of your areas of expertise, and so is ensuring that robust systems are in place. How do those go hand in hand with the hiring out of independent third party contractors as subcontractors?
11:15 a.m.
Partner and National Leader, Cybersecurity, KPMG
There is no real difference between the work that we would execute as a subcontractor and what we would do as the prime contractor for that body of work.
We would have been happy to be the prime contractor, but we simply responded to the request of the government.
11:20 a.m.
Liberal
Valerie Bradford Liberal Kitchener South—Hespeler, ON
Thank you.
Ms. Lee, you have a very extensive background in digital health. How did you end up at KPMG?
11:20 a.m.
Partner and National Leader, Digital Health Transformation Practice, KPMG
As I mentioned in my opening remarks, I've been in the health care industry for over 25 years. I worked previously at a large academic hospital network, and was given an opportunity to help KPMG establish an offshoot of its existing health care consulting practice with a focus on digital health care.
11:20 a.m.
Conservative
The Chair Conservative John Williamson
Thank you very much. That is the time.
The next member, Ms. Sinclair‑Desgagné, will be speaking in French.
Ms. Sinclair‑Desgagné, you once again have two minutes and thirty seconds.
11:20 a.m.
Bloc
Nathalie Sinclair-Desgagné Bloc Terrebonne, QC
Thank you, Mr. Chair.
Mr. Nijjar and Ms. Lee, have you read the Auditor General’s report?
11:20 a.m.
Bloc
Nathalie Sinclair-Desgagné Bloc Terrebonne, QC
All right.
I will quote the Auditor General’s report.
We found similar issues in the two professional services contracts awarded by the Public Health Agency of Canada to KPMG. While the first contract included milestones with clear deliverables and pricing, these were later amended and replaced with less‑specific deliverables to allow for more flexibility.
Extensions were not linked to new tasks, and merely pushed back deadlines, thus increasing the price of contracts.
This completely contradicts what you told me earlier, Ms. Lee. The invoices sent to the Public Health Agency of Canada were less and less specific, and the changes to the contract were not linked to specific tasks and merely increased the price of the contract, without adding new tasks for the same amount. That completely contradicts what you told me.
Why did KPMG agree to take more money and change the invoices to be less and less specific? Was it a public health order, or did KPMG simply decide to pocket more money?
11:20 a.m.
Partner and National Leader, Digital Health Transformation Practice, KPMG
As I said previously, all of the invoices that we submitted to the Public Health Agency were approved by the agency prior to submission. We never changed our approach, from the very first invoice to the last invoice, in terms of the level of detail that was provided to the agency.
To come back to the other part of your question about flexibility, it was our understanding that the Public Health Agency was specifically very concerned about unforeseen events and that it would require assistance from us in the same vein that we had been providing it from the very beginning under the initial TA.
The work packages, the work processes and all of the key activities were virtually the same throughout all of the contract work that we did for the Public Health Agency over that two-and-a-half-year period. It never really changed.
The agency asked for the contracting language to be the way it was, to be less detailed in the final contract, because it couldn't possibly predict what was happening during the third and fourth waves, and it was very concerned.
11:20 a.m.
Bloc
Nathalie Sinclair-Desgagné Bloc Terrebonne, QC
So KPMG assumes no responsibility for what was denounced in the report—
11:20 a.m.
Conservative
The Chair Conservative John Williamson
I’m sorry to interrupt you, Ms. Sinclair‑Desgagné. You’ll have another opportunity to ask questions.
Next up is Mr. Desjarlais.
You have the floor for two and a half minutes, please.
11:20 a.m.
NDP
Blake Desjarlais NDP Edmonton Griesbach, AB
Thank you very much, Mr. Chair.
I want to turn now to the Auditor General's report and her findings about vendors. The report states, “We found situations where agency employees who were involved in the ArriveCAN project were invited by vendors to dinners and other activities.”
It goes on to suggest that “In our view, existing relationships between vendors and the agency's Information, Science and Technology Branch, as well as the lack of evidence that agency employees reported the invitations to dinners and other activities, created a significant risk or perception of a conflict of interest around procurement decisions.”
Wouldn't either of you suggest that non-competitive contracts, particularly given these findings, make it seem as though conflicts of interest could, in fact, be real?
11:25 a.m.
Partner and National Leader, Digital Health Transformation Practice, KPMG
I'd like to start by saying that under no circumstances did KPMG feel there was a conflict of interest. We followed all of our internal processes to comply with our policies and procedures along those lines.
To your comment about social events and the like, you have to remember that our work was initiated in September 2020, at the height of the COVID-19 pandemic lockdowns. Under no circumstances were any of our team members engaged in any of those activities prior, during or after our contracting.
I do not agree with the characterization that there was a conflict of interest in what we had done, either to procure the work or to conduct it.
11:25 a.m.
NDP
Blake Desjarlais NDP Edmonton Griesbach, AB
Has KPMG at any point in time supplied gifts, benefits or dinners to members of the government?
11:25 a.m.
Partner and National Leader, Digital Health Transformation Practice, KPMG
I am not aware of any of that kind of activity happening.
11:25 a.m.
NDP
Blake Desjarlais NDP Edmonton Griesbach, AB
With regard to the relationship that may have existed between GC Strategies and KPMG, what was the first interaction between these two groups before the task authorizations?
11:25 a.m.
Partner and National Leader, Cybersecurity, KPMG
The only other contact prior to the ArriveCAN app was a discovery session for GC Strategies to understand our capabilities and experience with respect to cybersecurity. That was a very brief discussion.