Public Accounts Committee on March 7th, 2024

Mr. Chair, thank you for again inviting us to discuss our report on ArriveCAN, which we released on February 12.

I would like to acknowledge that this meeting is taking place on the traditional unceded territory of the Algonquin Anishinabe people.

Joining me today is Sami Hannoush, who was responsible for the audit.

This audit examined whether the Canada Border Services Agency, the Public Health Agency of Canada and Public Services and Procurement Canada managed all aspects of the ArriveCAN application in a way that delivered value for money. I will focus my remarks today on the role played by Public Services and Procurement Canada.

The department was responsible for issuing and administering contracts on behalf of the Canada Border Services Agency and the Public Health Agency of Canada when a contract's value exceeded the agencies' delegated authority to procure. We found that Public Services and Procurement Canada challenged the Canada Border Services Agency's use of non-competitive processes to award ArriveCAN work. It recommended alternatives, such as shortening the duration of non-competitive contracts or running competitive processes with a shortened bidding period. Despite this advice, the agency moved forward with non-competitive approaches.

We also reported that the Canada Border Services Agency's overall management of the contracts was very poor. Essential information was missing from awarded contracts and other documents, such as clear deliverables and the qualifications required of workers.

We found, contrary to Public Services and Procurement Canada's supply manual, that the department co-signed several task authorizations drafted by the Canada Border Services Agency that did not detail task descriptions and deliverables. Without this information, it is difficult to assess whether work was delivered as required and completed on time while providing value for money.

Public Services and Procurement Canada also co-signed many of the agency's amendments to task authorizations. Some amendments increased the estimated level of effort or extended the time period without adding new tasks or deliverables. This drove up the contract's value without producing additional benefits.

To deliver value for dollars spent and support accountability for the use of public funds, the Canada Border Services Agency and Public Services and Procurement Canada should ensure that tasks and deliverables are clearly defined in contracts and related task authorizations.

This concludes my opening statement. We will be pleased to answer any questions the committee may have.

Thank you.

Thank you, Mr. Chair.

I would like to acknowledge that we are meeting on the unceded territory of the Anishinabe Algonquin nation.

As the deputy minister of Public Services and Procurement Canada, my team and I are here to continue the important discussion about the Auditor General's report into the development of the ArriveCAN application.

I'm joined today by Dominic Laporte, assistant deputy minister for procurement, and Catherine Poulin, assistant deputy minister for departmental oversight.

During the pandemic, my department played a key role in keeping the work of the Government of Canada going as well as providing key support to provinces and territories. We are particularly proud of our role with regard to the urgent procurement of critical supplies and life-saving vaccines. PSPC has been part of two large audits since the pandemic, one related to the procurement of personal protective equipment and the other to the procurement of vaccines. These audits found, in general, that the controls and the procurement process worked as they should.

In the case of ArriveCAN, both the Auditor General and the procurement ombud have identified areas where we need to strengthen our oversight, notably related to documentation and to our procurement processes of IT consultants.

We accept these recommendations in full and have already put management actions in place to strengthen our processes.

Right now, we are focused on improving and further strengthening our processes, especially when it comes to IT procurement. We have been working since the fall to do just that.

Actions we’ve taken to date include improving evaluation requirements to ensure that resources are appropriately qualified; requiring increased transparency from suppliers around their price and use of subcontractors; improving documentation when awarding contracts and issuing task authorizations; and clarifying work requirements and activities, specifying which activities and which projects are worked on by contractors. In addition, my department is updating its guidance to aid other departments and agencies in procuring responsibly when using our procurement instruments under their own authorities. Finally, PSPC is also taking measures to appoint a senior executive who will be responsible for quality assurance and strengthening documentation within PSPC.

Fundamentally, improving IT procurement requires us to ensure that those processes are clear and transparent and that the roles, responsibilities and rules are understood, respected and adhered to. This includes working closely with the Treasury Board Secretariat and client departments and agencies to ensure that procurements are undertaken in a manner that respects the principles of fairness, openness and transparency.

In this regard, both the Treasury Board directive on the management of procurement and PSPC's supply manual stipulate the division of roles and responsibilities. For example, departments—our clients—are responsible for providing a justification for using non-competitive procurements.

In the case of procurements related to ArriveCAN, the Auditor General’s evaluation found that PSPC effectively provided a challenge function to the CBSA and proposed various alternatives to using non-competitive processes, such as running shorter competitive processes or shorter contract periods in the case of the non-competitive approaches. Within the context of the emergency situation brought on by the pandemic, PSPC and our legal counsel found that the justification provided by the CBSA for their approach was sufficient and met the criteria for emergency use.

When it comes to a lack of transparency around decision-making, we are committed to addressing the root causes, strengthening document management practices and continuing the deployment of our electronic procurement solutions so that transparency in decision-making is ensured and Canadians and parliamentarians can have renewed confidence in the administration of federal procurement activities. New measures that we’ve put in place have already addressed a number of these areas. We continue to take action to further strengthen the procurement of IT services.

In closing, I know that there have been many concerns raised in the media and in parliamentary committees regarding federal procurement and the integrity of the system. We share those concerns and are actively working to improve the procurement system as well as undertaking required investigations where warranted.

The domain of procurement is one that inherently has higher levels of risks associated with conflicts of interest. That is why the government requires all of its suppliers, their subcontractors and all employees to operate lawfully and in a responsible manner by, at a minimum, meeting the expectations and obligations set out in the Code of Conduct for Procurement. For federal public servants, those expectations and obligations are outlined in the Code of Values and Ethics. Among other things, these codes require that all employees declare conflicts of interest, where applicable.

These codes provide important underpinnings and guiding principles for the work that is done in procurement. Ensuring respect and adherence to these codes is of the utmost importance.

Our actions will help reinforce the adherence to the codes, improve the way we do business with companies and further safeguard the integrity of the procurement system.

Thank you.

First, we need to look at the national security exception invocation. This is a tool that exists in trade agreements to give Canada the ability, in the case of a crisis, to move quickly outside of the current competition. Each trade agreement allows this.

There was not a one-to-one relationship between the NSE and GC Strategies. Rather, the Public Health Agency, the CBSA and various departments came forward and said that because of the global pandemic, they had a need to move quickly, and they asked us at PSPC for that authority. In consultation with legal counsel and PSPC, national security exemptions were granted. That does not mean or guarantee a sole-source strategy in any procurement process.

I'm going to pause here, because I have an expert in NSEs with me.

Dominic.

I have nothing to add there. Thank you.

I believe that when the CFO wrote to PSPC seeking the invocation of a national security exemption, described was a whole series of different low-touch technologies to keep all of the various borders open. I don't remember seeing anything in relation to any one contractor or any $13.9 million.

I know that in the response PSPC provided, we limited it and said their NSE would be valid for a three-month period, because, again, with the evolving pandemic, we did not want to give a long-term NSE that would create expectations or further contracting requirements.

I'm going to ask Madam Poulin to answer.

It's important to distinguish between the security clearance required of an organization or staff and a capability required of an organization. It's not necessary for an organization to have the capability when the contract is awarded. However, the organization will need to have the capability when it's required as the contract is being carried out. So it's normal for a contract to be awarded without a capability having been verified through the contract security program.

In the case of GC Strategies, the company didn't need that capability to carry out the contract. The contract was therefore amended to remove that requirement.

These divisions of responsibility between the client department and the contracting authority are actually well documented in the Treasury Board policy on contract management.

I'm going to to turn to Dominic, who will give us a good overview of it.

Thank you.

In terms of the division of roles and responsibilities, it's important to keep in mind that the client will define their official requirements. They define their budgets. Basically, they're going to contact the procurement authority with the goods or services they want to procure in mind, and it's up to PSPC to provide advice on the process best suited for the procurement depending on the nature of the services, whether there is a supply arrangement in place or there is a standing offer, to make sure that if this is beyond their client's delegation authority, they can leverage our tools. It allows for a process that is usually competitive. It's streamlined, and we can also benefit from supply arrangements that exist.

In terms of our role, we are the contracting authority, so we're going to make sure, for example, that things are within budget. We take care of the financial evaluation of the bids received. In terms of the technical evaluation, that is up to the client. There are clearly roles and responsibilities spread between the client department and the contracting authority, and oftentimes PSPC plays a role.

We certainly do. This is something that has been truly reinforced since November 28 with our client departments. On December 4, we sent directives to all of our staff to make sure we have a task authorization checklist. That is mandatory for requesting information. It is not necessarily a checklist that has been provided by the client. It's about seeing copies of CVs, having an actual attestation of the resources and permission to use their names and seeing that their experience is accurately represented. All of these things are now being double-checked by PSPC when we're using our authority.

Our team has shared a package of information around that, but to describe it in more detail, you will see that there is an exchange of emails. As just noted, the sole-source justification is the responsibility of the department. They created a sole-source justification. The contracting authority pushed back several times, looking to ensure that the information was accurate and that it was really clear. We had to be convinced that there was only one IT firm that could provide staff augmentation on this, looking at the timelines that were provided.

There was a whole series of steps, with a challenge function at the DG level within CBSA, to outline specifically what was required to move forward.