Evidence of meeting #26 for Government Operations and Estimates in the 43rd Parliament, 2nd Session. (The original version is on Parliament’s site, as are the minutes.) The winning word was pandemic.
A recording is available from Parliament.
3:55 p.m.
Conservative
3:55 p.m.
Bloc
Julie Vignola Bloc Beauport—Limoilou, QC
Thank you very much, Mr. Chair.
Thank you, Ms. Hogan, and thanks as well to the members of your team, for being with us again. Since I always read your reports with great interest, I hope to learn how the various systems that constitute our democracy can be improved.
According to your report, on May 11, the Canada Revenue Agency introduced an automated control to cross-check its information with employment insurance information, particularly regarding suspicious applicants. The agency told you it had previously been impossible to do that because it would have delayed the payment of benefits.
Did the agency tell you exactly to what extent it would have delayed the payment of benefits?
3:55 p.m.
Auditor General of Canada, Office of the Auditor General
Are you referring to the Canada emergency response benefit or the emergency wage subsidy?
3:55 p.m.
Bloc
3:55 p.m.
Auditor General of Canada, Office of the Auditor General
All right, thank you.
The government requested applicants' social insurance numbers for the Canada emergency response benefit. The decision was made not to cross-check information initially in order to expedite individuals's access to payments. It took about a week after the benefit was launched for that control to be put in place. Officials in the departments and the Canada Revenue Agency estimated that double payments amounting to $500 million were paid during that week. That's why the post-payment audits are extremely important.
3:55 p.m.
Bloc
Julie Vignola Bloc Beauport—Limoilou, QC
Yes, the agency said it would be able to trace some of those overpayments based on 2020 tax returns.
However, will the same process be used to detect people who committed fraud and those who stole personal information so they could file an application, or will the agency use another recovery system?
3:55 p.m.
Auditor General of Canada, Office of the Auditor General
Based on our current discussions with the agency, it will be the same process. It's the post-payment verification process that'll determine whether the agency mistakenly made a payment or whether individuals claimed a benefit when they were ineligible to do so. It will also help determine whether payments were made to people who filed applications knowing they were ineligible; in other words, individuals with bad intentions. That could constitute fraud.
That will all be clarified during the post-payment audits, which will start after the current tax season.
4 p.m.
Bloc
Julie Vignola Bloc Beauport—Limoilou, QC
Earlier you said that businesses that received the emergency wage subsidy were not required to provide their employees' social insurance numbers.
Is it possible that some of the employees who received the emergency wage subsidy also took advantage of a loophole to obtain the Canada emergency response benefit?
4 p.m.
Auditor General of Canada, Office of the Auditor General
Yes, the emergency wage subsidy could be used to pay the salary of an employee who receives the Canada emergency response benefit. After the two programs were launched, a change was made to the CERB so that claimants could earn $1,000 in salary over a four-week period without losing their benefits.
Businesses could file subsidy applications in connection with the salaries they were paying their employees. In that case, we're talking about the $1,000 that businesses paid their employees. So the two subsidies could have been paid in respect of a single employee.
However, one of the two is paid directly to the business. It provides indirect financial support to an employee, whereas the other benefit provides direct support to that employee. You have to distinguish between the two measures. The emergency wage subsidy is paid to the business, whereas the Canada emergency response benefit goes directly to the individual.
4 p.m.
Bloc
Julie Vignola Bloc Beauport—Limoilou, QC
On April 15, an ESD representative said that the employment insurance IT system was 50 years old. So it was created before the democratization that was brought on by the Internet. That's a long time ago.
Does that obsolete system—alone or together with other factors—explain the number of data breaches that resulted in fraudulent applications for the CERB and the Canada emergency student benefit, the CESB? Young people, 18 years of age, in my riding came into my office in tears because their identities had been stolen.
4 p.m.
Auditor General of Canada, Office of the Auditor General
You're right in saying that the system that Employment and Social Development Canada used to implement its employment insurance program is really obsolete. That's why the department couldn't handle the number of applications received for the Canada emergency response benefit and asked the Canada Revenue Agency for help.
However, the identity theft and fraud problems aren't necessarily related to the obsolete system. I don't know whether you can make that connection because the government has introduced many measures to control access to systems. It's the way every department manages access to its database that has an impact on access, not the obsolete condition of the database itself.
4 p.m.
Conservative
The Chair Conservative Robert Gordon Kitchen
Thank you.
Thank you, Ms. Vignola.
We'll now go to Mr. Green for six minutes.
4 p.m.
NDP
Matthew Green NDP Hamilton Centre, ON
I'll welcome Ms. Hogan, whom I've had the privilege of working with quite closely on public accounts. I'm one of the few MPs who have the privilege of going back and forth between these two committees.
I want to open up my line of questioning in a way that is respectful. This is certainly not going to be any kind of “gotcha”, but I need to address some inconsistencies that I have experienced between the reporting and the testimony at public accounts and the reporting and the testimony we're having here. I'm going to try to do it in such a way that it's clear, to allow you and your staff to think about how this might be perceived in the public.
I think about the questions that are critical in any audit or in any reflection on work that is this serious: What did you know? When did you know it? Also then, what did you do about it?
You may recall that on April 13, in a line of questioning that I had to Ms. McCalla, we were talking about the ways in which both provincial and federal modelling and our surveillance systems quite frankly failed to identify through PHAC that there was an issue for the pandemic.
I asked whether there was international modelling based on experiences in places like China that would have predicted the outcome. Ms. Hogan put the question to Ms. McCalla, who stated that the risk assessment is called for in PHAC's pandemic plan and that the WHO did issue a pandemic risk announcement and called attention to the risk of COVID-19 for the global community. However, we found that, at that time, PHAC did not update its risk assessments and did so only in mid-March at the direction of the chief public health officer.
I responded, “Then there was an alert. We were alerted to this in advance.”
Ms. McCalla responded, “There was an alert by the WHO, yes.”
I then responded, “My God.”
I would like to ask Ms. McCalla, through you, Mr. Chair, when that initial World Health Organization alert came to PHAC.
April 26th, 2021 / 4:05 p.m.
Carol McCalla Principal, Office of the Auditor General
Thank you for the question.
In that response, I was referring to the public health emergency of international concern, a PHEIC, that was issued by the WHO, on January 30, 2020. In issuing it, the WHO recognized that the risk assessment was very high for China and high at the global level.
4:05 p.m.
NDP
Matthew Green NDP Hamilton Centre, ON
Then it took us all of February and into March to move on it.
Through you, Mr. Chair, let me ask Ms. Hogan this. In doing your analysis, when you came before us both at the original committee meeting and today you stated that the agency relied on a risk assessment tool that was not tested and that the agency continued to assess the risk as “low”, despite the growing numbers of COVID cases in Canada and worldwide. You stated that in addition, the global public health intelligence network did not issue an alert about the virus that would become known as causing COVID-19.
Can you help me understand the timeline from January 30, when the WHO let us know that this is a significant problem, and how that alert would have differed or have been related to our systems that weren't tested and to the understanding that there was no global public health intelligence network alert? How does that global public health intelligence network alert differ from the WHO's alert in its seriousness?
4:05 p.m.
Auditor General of Canada, Office of the Auditor General
I'm going to probably back you up a little bit in time, but I want to make sure that we understand what happened on January 30.
We have an exhibit in our report, exhibit 8.1, that outlines a whole bunch of steps. I think it's a really good place for you to see a bit of the timeline. There are a lot of moving parts.
At the end of December 2019, the global public health intelligence network issued a daily report. As you might recall—and only because the member sits on another committee—the global public health intelligence network issues two kinds of report: an alert and a daily report.
There was a daily report at the end of 2019 that contained a link to an article about a virus that would then become known as the virus causing COVID-19. That daily report alerted the chief public health officer of Canada that she needed to reach out to her provincial counterparts and tell them that there was something serious going on. She did it, based on that daily report, but also based on the knowledge she had of what was going on around the world.
On January 15, the federal, provincial and territorial public health response plan kicked in, which caused special committees to get together to start to talk about the response domestically across the country.
January 30, which is what Ms. McCalla was referring to, was when the World Health Organization declared this a public health emergency of international concern. That's when they said that everyone needed to pay attention internationally, that this was a really big deal.
At that point, in January, there started to be risk assessments done by the Public Health Agency. All of those risk assessments—from mid-January, when the response plan was kicked in, all the way until March—had the risk of COVID-19 to Canada set as “low”, until the chief public health officer stepped in and said that, based on what she was seeing going on around the world and her discussions with her counterparts, it really should be much higher.
This is where we say the risk assessment tool was not designed to consider pandemic risk.
Now, throughout all of this, the global public health intelligence network never issued an alert, which is the second type of report it could issue. An alert signals domestically and internationally that there's something for you to stop and pay attention to on a health matter across the world.
4:10 p.m.
Auditor General of Canada, Office of the Auditor General
I see a difference between the daily report and the alert.
4:10 p.m.
Conservative
The Chair Conservative Robert Gordon Kitchen
Thank you, Ms. Hogan.
We'll now go to the second round. We'll go with Mr. McCauley for five minutes.
4:10 p.m.
Conservative
Kelly McCauley Conservative Edmonton West, AB
Thanks, Mr. Chair.
Ms. Hogan, welcome back.
You noted in your opening remarks that the government introduced added controls to limit potential abuse of CERB. What were these added controls, and were they strong enough? In your role as the Auditor General, would you have added different controls?
4:10 p.m.
Auditor General of Canada, Office of the Auditor General
Your question is about the Canada emergency response benefit. Prior to the issuance of a payment, there were some basic controls in place that would look at whether or not—
4:10 p.m.
Conservative
Kelly McCauley Conservative Edmonton West, AB
Specifically, you noted in your opening statement that the government introduced added controls. What were those added controls and did you view that they were sufficient?
4:10 p.m.
Auditor General of Canada, Office of the Auditor General
The first added control was the one that prevented the double application between CERB that was managed from the Canada Revenue Agency and CERB that was managed through Employment and Social Development Canada. There were other controls that were added to make sure that if you received the student benefit, you were not also receiving the Canada emergency response benefit. Those were, I guess, the overall big ones. They were policy decisions—
