I don't have the exact numbers since November 2016. I can tell you that in fiscal year 2017-18, so April 2017 to this past March, we investigated over 130 incidents of potential breaches to the Bank Act. Sometimes investigations overlap in two fiscal years. In 2017-18, there were eight violations that were essentially upheld by the commissioner through three decisions.
In addition, there were a number that were addressed through other means. For example, we have a number of administrative tools outlined in our compliance framework. Depending on the significance of the breach, we can issue letters of concern, which is an administrative tool. We can use action plans. For example, if we identify a specific issue with a control that caused the breach to happen, then we can work with the institution, telling them that we expect them to do x, y, and z to rectify a control to avoid these breaches. These are reduced to paper. We track those, and we work with the institution to ensure they fix the issues. When that's done, we close the action plan.
We use a variety of tools when we are faced with investigating breaches. Not all of them go to what we call a notice of violation, a notice of decision. That said, throughout all the various tools we use, the commissioner referenced earlier that over the last two fiscal years, through the supervision work and enforcement we've done, consumers have been reimbursed over $21 million.
The work we've been able to do, the way we've used our tools, has generated that result for Canadians.