Thank you, Mr. Chair, and thank you to the witnesses.
I want to come back first, if I can, Mr. Edwards, to this issue of the Auditor General finding that in some cases there were no records of oaths of office being taken or security checks for locally engaged staff. Your comment, as I understood it, was that one of the actions you've taken is to remind them that they're supposed to do this.
I want to know what the consequences are, because if an incident occurred where there was a security breach or a major incident had occurred, and you went back and you asked them to show you the security check for the individual who was involved in a leak or some sort of problem, and there was no file, you can imagine that would be a devastating situation. I know that in the financial services sector, where I was, there's a requirement for employees to keep all kinds of detailed information in the files, and if it's not there, they know they're going to be shown the door.
So to me, just reminding them to try to have these things on hand isn't good enough. What's the consequence? This has been identified. Obviously this committee finds it very serious. You have individuals who don't keep these files. What do you do? Hopefully it wouldn't take an auditor's report to uncover this again, but let's say there's another auditor's report and people still aren't doing this. At one point, is there a consequence for this?