Audit of the Canadian Firearms Program continuum of eligibility for firearms licensing

Vetted report

February 2018

Access to information

This report has been reviewed in consideration of the Access to Information Act and Privacy Acts. The asterisks [***] appear where information has been removed; published information is UNCLASSIFIED.

Table of contents

1. Acronyms and abbreviations
2. Executive summary
3. Management's response to the audit
4. 1 Background
5. 2 Objective, scope, methodology
   • 2.1 Objective
   • 2.2 Scope
   • 2.3 Methodology
   • 2.4 Statement of conformance
6. 3 Audit findings
   • 3.1 Governance
   • 3.2 Training, sufficiency and timeliness of information
   • 3.3 Monitoring and oversight
   • 3.4 Risk management
7. 4 Conclusion
8. 5 Recommendations
9. Appendix A – Audit objective and criteria

Acronyms and abbreviations

BI

Business Intelligence

CFIS

Canadian Firearms Information System

CFO

Chief Firearms Officer

CFP

Canadian Firearms Program

CFPM

Canadian Firearms Program Manual

CPIC

Canadian Police Information Centre

CPS

Central Processing Site

ES

Enhanced Screening

DAC

Departmental Audit Committee

FBI

Firearms Business Improvement

FO

Firearms Officer

NHQ

National Headquarters

ORMS

Operational Records Management Systems

PRIME

Police Records Information Management Environment

PROS

Police Reporting and Occurrence System

RCMP

Royal Canadian Mounted Police

Executive summary

The Canadian Firearms Program's (CFP) mission is to enhance public safety by reducing the risk of harm from misuse of firearms. Through the offices of Chief Firearms Officers (CFOs), the CFP works with the provinces and territories to manage firearms licensing, authorizations to carry or transport, and the continuous eligibility of licensees in each jurisdiction. Under the current licensing regime, client eligibility is assessed at the time the individual applies for a firearms licence, continuously while the individual is a licence holder, and at the time the individual applies to renew their licence (every five years).

The objective of the engagement was to assess the effectiveness of the processes in place to ensure the eligibility of firearms licence applicants and holders, and the adequacy of the supporting management control framework.

Overall, the audit found that an effective management control framework is in place and that eligibility processes and investigations are compliant with legislation and policies. Nevertheless, opportunities exist to improve processes and to mitigate risks impacting the eligibility screening process. Challenges were found in the areas of policy, training, availability and timeliness of information, processing delays and monitoring and prioritization of work queues.

With respect to the national policy framework and training standards, opportunities to improve consistency and decision-making exist by updating the national Canadian Firearms Program Manual and developing standardized training for personnel in key decision-making roles.

Required information to assess eligibility which is directly available to the CFP is generally available on a timely basis. Information which needs to be requested from third parties may experience delays, thereby delaying the conduct of eligibility investigations. This increases the potential risk to public safety.

Emphasis on developing additional mechanisms to monitor and triage priority files as well as assessing options to improve the timeliness of third party information could further mitigate these risks. Leveraging the CFP's existing capacity to perform data analytics using business intelligence tools to proactively monitor and triage work queues based on predetermined risk factors would assist in this regard.

Opportunities may also exist to further analyse and assess the residual risks related to the reengineered approach to Enhanced Screening. The management responses included in this report demonstrate the commitment from senior management to address the audit findings and recommendations. A detailed management action plan is currently being developed. Once approved, RCMP Internal Audit will monitor its implementation and undertake a follow-up audit if warranted.

Management's response to the audit

Specialized Policing Services is in agreement with the Audit Findings as outlined within Section 3 of the Report. Specialized Policing Services is also in agreement with the Audit Recommendations, as outlined within Section 5 of the Report, and have taken the following steps.

The CFP has initiated a project which will complete the CFP Subsidiary Manual and ensure continuous updates and maintenance through a management control framework. This project will also develop national Standard Operating Procedures (SOP) for each key Program business activity.

The CFP has initiated discussions to secure a National Training Coordinator whose mandate will be the implementation of a National Training Regime which will include training on: the Firearms Act and associated Regulations; investigative methodologies and techniques; the CFP Policy & SOPs; and the automated tools which support the administration of the Firearms Act.

The CFP is currently in discussions with Contract & Aboriginal Policing (CAP), as well as management within CPIC Services, to modify the current CFP Policy on the use of PROS to ensure timely accessibility to information which assists in assessing the eligibility of Program clients to acquire or possess firearms. In addition, the Chief Firearms Officer (CFO) of British Columbia (BC)/Yukon Territory is in discussions with the BC Ministry of Public Safety and Solicitor General regarding their access to PRIME, based on Recommendation #37 of the BC Illegal Firearms Task Force Report which supports increased access to this Information Management System.

In October 2017, the CFP initiated a pilot project which re-engineered the Enhanced Screening Protocol in an effort to acquire relevant information *** which would assist the CFO in establishing the eligibility of an applicant to acquire or possess firearms. Additionally, the CFP have included an initiative within their 2018/2019 Strategy Map which will "Develop enhanced processes and additional training to strengthen screening and investigation of mental health-related files".

The CFP executed an Organizational & Operational Review of the Federal CFOs, as a follow up to the 2013 Review, in the fall of 2017 which assessed work volume, work prioritization and roles and responsibilities. This report, to be published in early spring 2018, includes action items to address the triage of workloads and the use of performance metrics to enhance the prioritization and management of work.

The CFP will construct a Management Action Plan which will track each of these recommendations within the Audit Report. Specialized Policing Services would like to express its appreciation and gratitude for the level of effort put forth by Internal Audit respecting the execution of this initiative and the level of detail which was documented within the Report.

Assistant Commissioner François Bidal
Acting Deputy Commissioner, Specialized Policing Services

1 Background

The Canadian Firearms Program's (CFP) mission is to enhance public safety by reducing the risk of harm from misuse of firearms. It provides direct service to the public in relation to the administration of the Firearms Act and its associated regulations, which govern possession, licensing, transportation, use, registration and storage of firearms in Canada. This includes screening individual owners to confirm their eligibility to possess firearms, and promoting responsible ownership, storage and use of firearms. The CFP also provides direct operational support to law enforcement in all firearm-related inquiries and investigations.^{Footnote 1}

In 2006, the Royal Canadian Mounted Police (RCMP) became responsible for managing the CFP. The CFP currently reports to the Commissioner of Firearms, who is also the Commissioner of the RCMP.

Through the offices of Chief Firearms Officers (CFOs), the CFP works with the provinces and territories to manage firearms licensing, authorizations to carry or transport, and the continuous eligibility of licensees in each jurisdiction. There is a CFO for each province and territory. The provinces of Ontario, Quebec, New Brunswick, Prince Edward Island, and Nova Scotia are known as the "Opt-in provinces" since these provinces have chosen to administer the Firearms Act and its regulations within their jurisdictions. As such, these CFOs are provincially appointed and are accountable to the federal Minister of Public Safety through contribution agreements. The CFOs in the remaining provinces and territories of Alberta/Northwest Territories (AB/NT), British Columbia/Yukon (BC/YT), Manitoba/Nunavut (MB/NU), Saskatchewan, and Newfoundland and Labrador are federally appointed and report directly to the CFP. These CFOs are referred to as federal CFOs and these jurisdictions are known as the "Opt-out provinces and territories". The federal CFOs are RCMP employees reporting to the Director General (DG) CFP through the Director, Firearms Regulatory Services.

Under the CFP's Firearms Service Delivery directorate, the Central Processing Site (CPS), located in Miramichi New Brunswick, carries out central processing functions for the CFP as a whole. CPS is comprised of a Contact Centre and various processing facilities including the Data Processing/Mailroom units which intake and process approximately 260,000 firearm licence and renewal applications annually, and the CFO Support Unit which provides administrative and operational support to multiple CFOs across Canada.

In Canada, individuals who possess or use firearms must be licensed, unless an individual is using a firearm under the direct and immediate supervision of a licensed holder. Similarly, all individuals who acquire firearms or ammunition must be licensed. The Possession and Acquisition Licence (PAL) is currently the only firearms licence issued to applicants over the age of 18.^{Footnote 2} In 2016, the CFP issued 406,592 new licences and there was a total of 2,076,840 valid licence holders in Canada.^{Footnote 3}

Under the Firearms Act (the Act), CFOs are authorized to refuse an application for a firearms licence or to revoke a firearms licence based on their assessment of an individual's potential risk to public safety. There were 2,223 firearms licences revoked and 771 firearms licence applications refused for various public safety reasons in 2016.^{Footnote 4} Under the current licensing regime, client eligibility is assessed at the time the individual applies for a firearms licence, continuously while the individual is a licence holder, and at the time the individual applies to renew their licence (every five years).

To ensure compliance with the Act, firearms licence holders are continuously screened to assess their eligibility to remain licensed. This is known as continuous eligibility screening. Accordingly, if a licence holder is involved in an event involving violence (or other offences specified in Section 5 of the Firearms Act), it is reported in the Canadian Firearms Information System (CFIS) via a Firearms Interest Police (FIP) and sent to the relevant CFO for review. There were 29,487 FIP events in 2016 that were matched to individuals with a firearms licence.^{Footnote 5}

The Commissioner-approved 2016-2019 Risk-Based Audit Plan included an audit of the CFP. The CFP's high public profile along with recent heightened scrutiny stemming from coroner's inquiries supported an independent review of eligibility screening for firearms licensing.

2 Objective, scope and methodology

2.1 Objective

The objective of the engagement was to assess the effectiveness of the processes in place to ensure the eligibility of firearms licence applicants and holders, and the adequacy of the supporting management control framework.

2.2 Scope

The scope of the audit included the processes in place to ensure the eligibility of firearms licence applicants, existing firearms licence holders and clients renewing their licences. This included a review of the procedures undertaken by the "Opt-out" CFOs as well as the supporting operations of CPS and the CFP policy centre located at national headquarters. Since the federal CFOs and the CPS are composed of RCMP employees who report to the DG CFP, their activities fall within RCMP Internal Audit's mandate to audit. The Opt-in CFOs and their staff are employees of their respective provincial Department of Justice or Solicitor General and not RCMP employees. Accordingly, their activities do not fall within RCMP Internal Audit's mandate to audit and were not examined.

The period of scope for files reviewed for this audit was January 1, 2016 to December 31, 2016.

The audit did not assess the quality of data within CFIS.

2.3 Methodology

All work was conducted in accordance with the Institute of Internal Auditors International Standards for the Professional Practice of Internal Audit (2015) and the 2017 TB Policy on Internal Audit.

Planning for the audit was completed in May 2017. In this phase, the audit team conducted interviews, process walkthroughs and examined relevant policies, procedures and results of previous audit work performed.

Sources used to develop audit criteria and audit tests included the Firearms Act and related regulations as well as RCMP policies and guidelines. The audit objective and criteria are available in Appendix A.

The examination phase, which concluded in November 2017, employed various auditing techniques including interviews, documentation reviews and testing of client files. Site visits took place at CPS and two "Opt-out" CFO Offices, CFO BC/YT and CFO AB/NT to review files and assess practices. Upon completion of the examination phase, the audit team held meetings to validate findings with personnel and debriefed senior management of the relevant findings.

The table below provides a summary of the number of files tested during the audit. Sampling methodology involved random sampling based on CFIS data extracts obtained from the CFP. To review the application process, the audit team tested a random sample of approved first-time applications and licence renewals for various types of firearms (non-restricted [NR], restricted [R] and prohibited [P]), as well as first-time and renewal applications which were refused. To review the continuous eligibility process, the audit team sampled client files which had eligibility events during the 2016 calendar year.

2.4 Statement of conformance

The audit engagement conforms to the Institute of Internal Auditors' International Professional Practices Framework and the Treasury Board of Canada Directive on Internal Audit, as supported by the results of the quality assurance and improvement program.

3 Audit findings

3.1 Governance

Policies and procedures

The Firearms Act and its related regulations are the legislative components that govern the administration of the CFP. The Act defines criteria which are to be considered by CFOs to assess an individual's eligibility to hold a firearms licence. This includes assessing whether or not an individual has been convicted of certain Criminal Code offences, has been treated for mental illness, has a history of violent behaviour, or is the subject of a prohibition order against possessing firearms. The Act also specifies that an individual is only eligible to hold a licence if they have successfully completed the necessary firearms safety courses. The Act solely authorizes CFOs to make licensing eligibility determinations. Pursuant to Section 98 of the Act, these powers, duties and functions are formally delegated by the CFO to CFP Firearms Officers (FOs).

The audit noted that the screening processes in place to assess eligibility are focussed on obtaining information necessary to assess the various criteria as specified in the Act. For example, in order to assess criminal convictions, a Canadian Police Information Centre (CPIC) inquiry is conducted on the individual. Similarly, court records are queried in order to determine the existence of any prohibition orders. The policies and procedures in place were found by the audit team to be in alignment with the requirements of the Act.

In terms of a policy framework we expected the CFP to have national policy in place which would govern eligibility activities program-wide and provide the basis from which more detailed unit level policies and procedures could be developed.

The Canadian Firearms Program Manual (CFPM) is the national policy manual. Among the subjects included in the CFPM is licensing. A number of sections in the licensing portion (Part 2) of the CFPM which relate to eligibility screening are currently blank, including Section 7 – Continuous Eligibility, Section 8 – Court Orders, and Section 10 – Refusals and Revocations.

Compensating for this gap in the national policy manual, both the CPS and the CFO offices have detailed policies and procedural guidance in place at the unit level to govern eligibility processes. Given the repetitive nature of the steps involved in processing applications and reviewing continuous eligibility concerns, these detailed standard operating procedures assist to ensure standardization of processes.

At the unit level, it was observed that the CPS and CFO office staff are aware of policies given that they refer to them for their day to day activities. Managers and supervisors communicate updates or changes to policies in a timely fashion and there are mechanisms in place such as intranet sites which serve as central repositories for relevant policies and procedures as well as for sharing updates and important information.

As a result of the 2013 Operational Review which sought to centralize common administrative processes, many of the administrative processes and lower risk decision-making are carried out by the CFO Support Unit within CPS on behalf of CFOs. One of the key controls in place to operationalize this decision-making is a matrix which delineates what can be approved by CFO Support Unit staff and what requires escalation to CFO offices for review. The matrix has been refined over time and discussion is ongoing within the program as to whether or not additional decision-making should be delegated to the CFO Support Unit.

Compliance

To review the integrity of the eligibility screening process, different types of files in both CFIS and at the CFO offices were examined to assess whether the required procedures were completed and appropriate supporting evidence was on file to support eligibility decisions.

Applications/renewals

Audit testing demonstrated that the necessary eligibility checks had been carried out prior to licence issuance for 100% of the 110 approved firearms applications and renewals which were sampled. This included automated system checks as well as manual steps when required.

Similarly, the necessary checks were found to have been completed for 100% of the 12 refused applications/renewals sampled. In each case, the rationale for the decision was documented and aligned with the eligibility criteria contained in the Act. Where necessary, there was evidence that an eligibility investigation was conducted to support the decision to refuse the application.

Continuous eligibility files

To assess the timeliness of the Continuous Eligibility screening process, audit testing was performed on a total of 66 files which had incurred a FIP event, including files for which the final outcome of the eligibility investigation was still pending.

In general, the file review determined that although the CFP is notified of a FIP event relatively quickly through the continuous eligibility process (two-day average) and the CPS in turn provides disclosure and notifies CFO offices of these occurrences in a timely fashion, there are significant delays in both initiating investigations and in the duration of eligibility investigations themselves. In many cases, where charges have been laid against a client, it appears the CFP chooses to await the court outcome before making an eligibility decision.

• Revocations and Valid Licences: testing of files relating to revoked licences (16) as well as files relating to licences that had been flagged for eligibility concerns but which had their status returned to 'valid' after investigation (14) were all found by the audit team to be fully compliant with the eligibility criteria contained under Section 5 of the Firearms Act. For the revoked licence files, the average amount of time from the FIP event to an eligibility decision by the CFO was 110 days^{Footnote 6} (80 days for CFO BC/YT and 140 days for AB/NT). For the files whose status was returned to 'valid', the average amount of time from the FIP event to an eligibility decision by the CFO was 231 days^{Footnote 7} (203 days for CFO BC/YT and 268 days for AB/NT).
• RSR and Under Review: for the 27 files reviewed from both CFO offices which had incurred a FIP event but did not yet have a final decision as at the time of the audit (i.e. still in "RSR" or "Under Review" status), the average time which had passed since the initial FIP event was 331 days^{Footnote 8} (324 days for CFO BC/YT and 337 days for AB/NT).
• Expired Licence: nine files were reviewed which had experienced a FIP event for which the status of the licence was "expired" at the time of review. In all cases, the licence had expired before the CFP was able to review/investigate the FIP and make a final eligibility determination. For these files, the average time from the FIP event to licence expiration was 189 days^{Footnote 9} (142 days for CFO BC/YT and 249 days for AB/NT).

The risk to public safety in delays is often mitigated by the fact that law enforcement has seized the individual's firearms and firearms licence. The audit noted that it is a priority for FOs to determine whether such seizure has occurred when reviewing FIP events. This is done by a review of the occurrence details and by contacting the police officer involved, if necessary.

Possibly the more significant risk to public safety occurs whenever files with FIP events await initial review by the CFO for an extended period of time. Although both BC and Alberta have similar volumes to process, BC has the additional mitigation measure of reviewing each file immediately upon receiving it in their queue for a first level "triage". This practice is not currently being employed in the CFO AB/NT office. The main contributing factor cited by the CFO AB/NT office for these delays was a staff shortage. At the national level, the CFP has been considering workload redistribution among CFOs to alleviate some of Alberta's backlog (i.e. sending Alberta files to be processed by CFO MB/NU). Further discussion of the CFP's monitoring and management of file backlogs follows in section 3.3 of this report.

3.2 Training, sufficiency and timeliness of information

Training

Employee training is important to ensure that processes are carried out as intended. It also facilitates standardization and efficiency. The audit expected to find that national training standards existed and that employees had received the necessary training to carry out their responsibilities.

The majority of the processes related to eligibility processing are administrative in nature. As such, most new employees are trained by "job shadowing" a more senior employee. Given that many of the tasks are repetitive, procedural guidance has been documented at the unit level to support employees in carrying out various tasks. In addition to on-the-job training related to specific roles, formal training related to specific work tools^{Footnote 10} are offered and there are also some mandatory courses for all new RCMP employees offered online through AGORA. As well, Legal Counsel assigned to the CFO AB/NT and CFO BC/YT offices offer training courses on the Firearms Act and related regulations to new CFO staff as well as training on specialized legal topics specific to FOs. In addition, both CFO AB/NT and CFO BC/YT have documented training requirements for new employees in various roles (i.e. specific material to which employees are to be exposed) to aid in developing suitable individual training plans.

As of October 2016, a Program Expertise (PE) unit has been responsible for developing and administering training to all new staff in some of the CPS units (Contact Centre, Data Processing, CFO Support Unit). PE plans to expand its training offerings to the remaining units in the future (Mail & Records, Exceptions Handling). PE is also responsible for providing technical guidance and quality assurance monitoring.

The audit team noted the best practice of cross training staff within functional groups to be able to work on a variety of tasks. This allows flexibility to reallocate staff within CPS or within respective CFO offices to address backlogs and priorities. With the exception of employees working in the role of FO, staff interviewed at both CPS and CFO offices generally felt the training received was sufficient for performing their job related duties.

The training gap identified by interviewed CFOs and FOs was the absence of a training standard for employees working as FOs, a role for which a broad skillset is necessary. FOs have the responsibility of conducting investigations into eligibility concerns and making final eligibility decisions based on the results of those investigations. Given the role of the FO, it was considered an asset to have previous working experience in a regulatory environment, and/or conducting investigations. However, CFOs reported that finding suitable candidates with the necessary experience was difficult and that current FOs have differing backgrounds.

Collaborating with RCMP Learning and Development to develop a training standard for FOs could assist in addressing gaps in employee experience and foster consistent practices and decision-making. One of the CFOs has been leading an initiative to develop a national training approach for FOs. This will include leveraging any pre-existing RCMP training modules (e.g. investigative techniques, note-taking, interviewing) and identifying any gaps where specific training needs to be developed.

Sufficiency and timeliness of information

A number of information sources are used to assess an individual's eligibility to hold a firearms licence. These sources include but are not limited to CPIC, PROS, PRIME BC, other police records management systems (RMS), court records, responses to Personal History Questions on a firearms licence application, and enhanced screening results.

Under continuous eligibility, additional information sources are typically involved as part of an investigation into a FIP event. For example, additional information may be obtained from the client via an interview, disclosure of an occurrence may be requested from the police of jurisdiction, or in Mental Health Act (MHA) cases, information from a medical practitioner (RCMP form 6423) may be obtained. The CFP's ability to conduct an accurate assessment of an individual's eligibility is dependent on access to and availability of complete information.

The audit found that in general, sufficient information is available to program personnel to make eligibility determinations. It was noted however, that there is room for improvement in certain areas.

Coding of Occurrences

Under continuous eligibility, client information within CFIS (the CFP's information system), is continually compared against information in CPIC to monitor client interactions with law enforcement which might be of interest. CFP staff have indicated a risk relating to generic coding by police officers of occurrences that may be relevant to CFP eligibility assessments. While one CFO office estimated that one to two such occurrences are noted on a weekly basis, the audit team only noted one such occurrence as part of the sample of files reviewed for testing. The program has attempted to mitigate this risk with proactive outreach to policing partners to educate on the importance of accurate coding of occurrences to the FIP process. In consultation with the CFP, Contract and Aboriginal Policing (CAP) has recently issued policy updates relating to incidents involving violence in relationships where the suspect has mental health issues and access to firearms.^{Footnote 11}

Access to CPIC Information

As a regulatory body, the CFP is bound by privacy considerations and does not have unrestricted access to PROS/PRIME.

The CFP is classified as a "Category III" agency for CPIC purposes which is support to law enforcement. As such, Chapter 2.6 of the CFPM contains direction which limits what information CFP staff can access in these systems. Specifically, section 4.2 states that "[T]he CFO/delegate must only access the occurrence associated to the FIP entry or to its investigation when querying ORMS." Section 4.4 specifies that "[A]ll queries undertaken using a surname, address, or any other search entry besides the operational occurrence number related to the FIP will be considered a breach of access, and may result in the suspension of access, a review of the individual's security clearance, and/or disciplinary actions."^{Footnote 12}

Through formal discussion with the police of jurisdiction related to a FIP, the CFP can be made aware of the existence of additional relevant eligibility information in ORMS. In these instances, additional disclosure must be requested from the police of jurisdiction in order for the CFP to have authorized access to this information. While CFP staff and CFOs have indicated that increased access to other historical occurrences would assist in providing additional information to assess eligibility it would mean unfettered access to personal information that may be unrelated to the assessment. As such, further assessment of the impact on privacy concerns is required by the organization.

Disclosure of Information

An additional risk relates to the timeliness with which information relevant to assess eligibility is available. Based on evidence obtained from interviews and file testing, timeliness in obtaining eligibility related information varies depending on the information source and whether or not program personnel have access to the information directly or whether the information needs to be requested from a third party. Where delays existed in obtaining information it was most often out of the CFP's control.

Generally, CPIC, court information, and PROS disclosure is obtained within one or two days. On average, CPS staff obtain any required disclosure for PROS related occurrences within a day. CFO AB/NT has direct, full access to JOIN (Alberta court record information system), and to both Edmonton Police Service and Calgary Police Service RMS. This facilitates obtaining information in a timely fashion. In the case of CFO BC/YT, staff have direct, full access to JUSTIN, which is the BC provincial court record information system.

Delays were noted with non-PROS (PRIME BC or other RMS) related disclosures. In these cases, turnaround time for disclosure was reported to be between a few days and a few weeks depending on the policing partner involved. CPS cannot perform PRIME disclosures on behalf of CFO BC/YT, so all FIPs originating from BC are sent to CFO BC/YT for disclosure. CFO BC/YT in turn does an initial PRIME check and sends disclosure requests to the police of jurisdiction. As part of the sample of files reviewed for CFO BC/YT, five files were noted as having been reassigned to an FO for investigation with varying timeliness with respect to PRIME disclosure turnaround (four months, four months, four weeks, three weeks, two weeks). Although CFO AB/NT relies on CPS for PROS disclosure, staff will send disclosure requests to non-RCMP police of jurisdiction (i.e. Medicine Hat, Lethbridge) when required.

Delays were also noted in obtaining medical information pertinent to assessing mental health risks and applicant/client eligibility. Such delays can impact rendering an eligibility decision as the physician's opinion can inform an FO's assessment of the individual's suitability to obtain/retain a firearms licence.

The typical process involves applicants/clients providing a medical questionnaire (RCMP Form 6423) to their medical practitioner for completion and submission to the CFP. To mitigate the risk of prolonged delays in obtaining medical information, the CFP implemented a policy which requires the medical form to be completed and returned within 60 days. If medical information is not received by the end of the 60 days, the program may proceed with a firearms licence refusal or revocation. An extension can be provided but only in special circumstances. The CFP relies on outreach to policing partners and medical associations to convey the importance of timely processing of requests for pertinent information to assess eligibility concerns.

Enhanced screening

The enhanced screening (ES) process, introduced in 2007 involved conducting telephone interviews with the applicant and two references in order to flag any potential public safety risks in granting the individual a firearms licence. In 2010, the CFP conducted a review of the effectiveness of ES as a means of flagging eligibility issues. Based on the review, the CFP decided in April 2014 to reduce the ES process to a single telephone interview with just one of the applicant's references.

In 2017^{Footnote 13} as part of a pilot project, the process of interviewing references by telephone was phased out ***. As the pilot project progresses, policies and SOPs are being developed and formalized. It is estimated that approximately 14,400 applicants would meet the criteria for screening annually under the new ES process. The CFP intends to evaluate the effectiveness of the new process once the pilot has been in place for four months.

The audit team's assessment is that further analysis should be carried out to assess the residual risk of changing the approach to ES. Potential trade-offs related to the change in process should be assessed. ***. The CFP should consider such factors as part of its review of the results of the pilot project.

Another initiative to be undertaken by the program, to potentially increase the usefulness and relevance of the information requested for screening licence applicants, is a review of the personal history questions^{Footnote 14} on the current licence application form. Given that the questions have been the same for many years, the program intends to review them for alignment with current risk factors.

3.3 Monitoring and oversight

The audit expected to find that processes existed to review eligibility activities carried out by the CFP to identify opportunities for improvement, and that performance information was being captured and used by management for decision-making. The audit also expected to find quality assurance (QA) processes at the unit level to monitor compliance of eligibility activities and that work queues were being monitored and prioritized based on risk factors.

Within the CFP, the Firearms Business Improvement (FBI) directorate leads the design of business processes based on policy and operational requirements. Using business intelligence (BI), as well as by conducting internal operational reviews, it evaluates processes with a view to improving efficiency and effectiveness. The review of the effectiveness of ES and proposed changes to the ES process discussed previously in this report were led by the FBI directorate.

In 2013, the FBI directorate led a national Organizational and Operational Review (OOR) of CFO offices focused on key business activities, volume of work for each activity, level of effort for each activity (time in motion study) and resource requirements. The review also assessed the feasibility and impact of centralizing common administrative activities. This led to the establishment of CPS' CFO Support Unit. Since the 2013 OOR, CFP staff and management identified that there are likely additional opportunities for work to be reallocated from the CFO offices to the CFO Support Unit to allow the CFO offices to focus on higher risk investigative work. The audit team's assessment supports reviewing the possibility of reallocating work between CPS and CFO Offices.

As a follow-up to the 2013 review, the FBI directorate initiated an organizational review of CPS CFO Services in September 2017^{Footnote 15}. The review was to focus on executing a comprehensive analytical assessment of CFO and CFO Support Unit business activity process work flows to identify inconsistencies, anomalies/issues as well as to identify public safety risks. The results of the review were not available prior to the completion of this audit.

The FBI's BI group performs data analytics using information in CFIS to provide reports to the CFP's other directorates that can help inform decision-making. For example, regular reports are prepared for the Director of Firearms Regulatory Services and the Director of Firearms Service Delivery on work volumes, queues and backlogs. It can also carry out more in-depth analysis to enable the CFP's other directorates to monitor areas of concern and help foster continuous improvement. Data analysis conducted by the FBI directorate identified process improvements relating to the timing of Legal Services' involvement in the revocation process as well as the development of a standardized revocation letter in 2017. While the audit found that the FBI directorate plays a role in helping to ensure that CFP eligibility processes are monitored and reviewed for enhancement opportunities, opportunities exist to further leverage the FBI directorate's data analytics capacity to monitor the nature of work volumes and backlogs at CFO offices and hone in on specific risk areas of concern to the CFP as a whole (e.g. risks relating to the significant backlogs in the CFO AB/NT office). This would enable the CFP to have greater visibility on backlogs and develop additional strategies to address them, in addition to the strategy of transferring workload from one CFO office to another.

Quality assurance

The accountability for QA monitoring of eligibility screening processes rests with the CPS and the CFOs where the eligibility activities have taken place.

The PE group within the CPS conducts QA on the output of certain units; namely, the Contact Centre, the Data Processing unit, and the CFO Support Unit. Each employee in those units has a PE analyst who regularly reviews a sample of their work and provides feedback. As PE's mandate is relatively new, the QA function is still to be developed for other processes within the CPS. Currently Mail & Records, Exceptions Handling-Accreditation are not subject to QA processes.

At the CFO offices, a number of processes were in place at the time of the audit to ensure quality control of eligibility processes. For example, the reviewed files included checklists and templates to ensure completeness and process standardization. FOs are expected to engage their supervisors (Operations Managers or Team Leaders) and CFOs on files that are sensitive, and Legal Counsel reviews all proposed application refusals and licence revocations.

In recent years, the CFP has required CFOs to carry out the unit level quality assurance (ULQA) process related to "Quality of Investigations". For both CFO offices visited, the results of their 2016 ULQAs, which were based on an internal review of over 110 files, were reviewed by the audit team. Deficiencies noted for both CFOs related to ensuring that all investigational steps undertaken by staff were documented in CFIS. The ULQA results in both cases suggested that supervisory review could mitigate the deficiencies noted.

Audit evidence obtained through both file testing and interviews support the need for additional supervision. It was noted that supervisory review of files is currently focused solely on files with negative eligibility decisions. The effectiveness of the QA process could be improved if files with all types of outcomes were reviewed for compliance and consistency, as there are inherent risks in an individual obtaining/retaining a firearms licence at the conclusion of an eligibility investigation.

Monitoring and management of file backlogs

Given the highly process-based operating environment within the licensing portion of the CFP, the audit expected to find that work queues were monitored for backlogs and bottlenecks, and that mechanisms were in place to prioritize files based on predefined risk factors.

Overall, it was noted that there was a shared understanding among program units as to what eligibility risks were most significant. This in turn led to a generally consistent approach to prioritizing workload. Priority files were those with mental health (MH) concerns, public safety concerns, and FIP events related to current clients. New licence applicants with eligibility issues were considered less of a priority because of the assumption that these individuals do not have legal access to firearms so the risk to public safety is not as great.

As a means of ensuring that MH files are prioritized, a CFO work queue dedicated to MH related files was created in the Spring of 2017. This queue allows the CPS to quickly notify the relevant CFO offices of such priority files. The CFO offices in turn ensure that staff investigate any of the files in this queue on a priority basis. However, the newly created queue does not apply to BC files. Since BC related FIP events come from the PRIME-BC RMS, and CPS does not have access to this system, they cannot perform a first level triage for these files. Therefore, CFO BC/YT performs the triage of its FIPs and uses its own method for flagging MH files internally using a "PRIORITY" descriptor in the file heading. They have been doing this since 2013.

The audit found that workload is regularly monitored at both CPS and CFO offices. At the CPS it was noted that units were heavily focussed on monitoring queues of various sub-tasks to identify delays and backlogs. Given the CPS is highly service standard driven, this monitoring provided supervisors with the information required to adjust priorities and reallocate resources to focus on areas with greater backlogs. This is facilitated by the fact that employees are cross-trained and can work on more than one task within their respective units.

Within CFO offices, the reporting capabilities within CFIS are used to monitor work volumes, backlogs and individual employee queues. It was noted that in addition to CFIS, an additional spreadsheet tool entitled "Workload Support Tool" was being used to track and monitor progress of open files being worked on by FOs.

Despite some of the mechanisms in place, significant backlogs of both applications with eligibility issues and FIP events related to current licence holders were noted at the CFO offices visited. These backlogs have created delays in addressing eligibility issues, with the greater risk being unaddressed eligibility concerns related to current licence holders who have access to firearms.

Although both CFO offices visited had similar backlogs of FIP events, opportunities for improvement were noted in the manner in which CFO AB/NT monitors this backlog. With the exception of MH files, CFO AB/NT treats all FIPs on a first-in first-out basis. The current backlog is an accumulation of eligibility concerns which have not yet been opened or reviewed by CFO AB/NT staff. No analysis has been performed to prioritize or assess the risk level of the files in the backlog. Without any form of review when they are initially received, individuals who may no longer be eligible to have a firearms licence retain their licence until such time as an investigation gets underway and a decision is made regarding their eligibility.

In contrast, all files in the BC queue are reviewed within a day of being received from CPS at the Firearms Agent level prior to being reassigned to the FO if necessary. This ensures a level of awareness of FIP incidents and the types of files they are so they can be prioritized based on the nature of the eligibility issue (e.g. MHA, violence, etc.). For CFO BC/YT, as of July 2017, there was a backlog of 2930 applications (with eligibility flags) which had yet to be worked on. The backlog of FIPs (notifications) which had yet to be worked on was 2092.

For CFO AB/NT, as of June 2017, there was a backlog of 1713 licence applications with eligibility concerns. The backlog of FIPs requiring investigation was 3188. By comparison, the CFO AB/NT backlogs in April 2016 were 1550 applications and 2264 FIPs, demonstrating that the FIP backlog had increased by 41% from 2016 to 2017.

While work queues are generally monitored and prioritized, not all CFO offices prioritize their backlogs based on risk factors. These practices should be reviewed to ensure risks are appropriately mitigated.

3.4 Risk management

The audit expected to find that the CFP had processes in place whereby risks are identified, assessed, prioritized and linked to program priorities, as supported by the RCMP's approach to Integrated Risk Management as outlined in the Administration Manual 18.3.

Overall, the CFP appears to have a sufficient risk identification and assessment process in place. Program wide identification and assessment of risks, including those impacting eligibility activities, is part of the CFP's formal business planning process which includes the development of a five-year business plan and semi-annual CFO led meetings to discuss risks and related mitigating strategies.

The risk analysis section of the 2012-2017 CFP Business Plan contains a number of identified risks related to eligibility processes such as: ineligible clients having access to firearms; lack of resources; consistency of practices; and accessibility of information from police databases. Through interviews, the audit team confirmed that the risks originally identified in the 2012-2017 Business Plan continue to be in alignment with Management's view of key risks currently impacting eligibility. Based on interviews with CFP staff at all levels it was noted that the CFP's top priority is reducing public safety risk related to firearm use while focussing on the risks related to MH and current licence holders with eligibility issues.

Risks specifically impacting eligibility activities are also identified and assessed, and strategies to address them at an operational level are discussed at the CFO conferences which are held twice a year. The CFO conferences are attended by all CFOs, the Director of Firearms Service Delivery, Director of Firearms Regulatory Services and the Director of Firearms Business Improvement. As strategies are implemented, they become part of business processes discussed at the monthly Governance Committee teleconferences (including CPS, Opt-out CFOs, and CFP), and at the monthly Integrated Program Operations Team (IPOT) teleconference which includes representatives from all CFOs and major CFP directorates linked to operations. IPOT serves as a forum to identify, raise awareness and make recommendations to resolve operational issues.

The Record of Decision for the February 2017 CFO Conference demonstrates that decisions/action items, action owners and due dates are tracked for risk related issues discussed at these meetings. The audit also found that there is program-wide awareness of risks impacting eligibility activities. For example, the decision to prioritize existing clients over applicants stems from an identification and assessment that there are likely greater risks to public safety from eligibility events related to existing clients who have firearms licences (due to their access to firearms) than for eligibility events related to new licence applicants.

There is also ongoing monitoring of risks at multiple levels within the program. For example, CFOs, supported by their Team Leaders/Operations Managers, monitor risks in their respective day to day operations. CPS uses CFIS to monitor risk areas as manifested in its work queues. This includes tracking the files flagged as MH for action by the CFOs. Within the policy centre, the BI group conducts program-wide monitoring of work queues and volumes to help inform decision-making in the respective CFP directorates. As per section 3.1 of this report, although this information is being used in the consideration of workload distribution amongst CFOs, opportunities remain for the CFP to take further steps to address volume backlogs and the risks they engender. Additional opportunities exist to leverage the FBI directorate's data analytics capacity to further monitor and triage work volumes at CFO offices based on predetermined risk factors, and develop corresponding strategies to address backlogs.

Another aspect of the risk management process which was assessed was the implementation of strategies to mitigate the risks identified. The audit was unable to conclude on the effectiveness of the mitigation actions themselves but noted that actions were being taken to address significant risks impacting the program. Examples of risk mitigation initiatives being undertaken include:

• To further reduce the risk that ineligible applicants obtain firearms licences, the CFP has launched a pilot project to reengineer the manner in which ES is performed on first time applicants.
• To ensure MH files are prioritized nationally, a system change was implemented in CFIS in April/May 2017 where first level triage by CPS places such files in a separate MH priority queue.
• CFO offices are targeting increased outreach with police agencies to encourage improved Uniform Crime Reporting coding and with the medical community to encourage collaboration on medical disclosure.

The audit found that risk mitigation activities are being designed and implemented with the objective of reducing identified risks. However, as several risk mitigation activities are at early stages of development, it is premature to assess their completeness as well as their ultimate impact on reducing risk. The effectiveness of the mitigation strategies in addressing each risk will depend on their successful implementation that includes ongoing monitoring.

4 Conclusion

Overall, the audit found that an effective management control framework is in place and that eligibility processes and investigations are compliant with legislation and policies.

Nevertheless, opportunities exist to improve processes and to mitigate risks impacting the eligibility screening process. Challenges were found in the areas of policy, training, availability and timeliness of information, processing delays and monitoring and prioritization of work queues.

With respect to the national policy framework and training standards, opportunities to improve consistency and decision-making exist by updating the national CFPM and developing standardized training for personnel in key decision-making roles.

Emphasis on developing additional mechanisms to monitor and triage priority files as well as assessing options to improve the timeliness of third party information could further mitigate these risks. Leveraging the CFP's existing capacity to perform data analytics using business intelligence tools to proactively monitor and triage work queues based on predetermined risk factors would assist in this regard.

Opportunities may also exist to further analyse and assess the residual risks related to the reengineered approach to Enhanced Screening.

5 Recommendations

1. The Deputy Commissioner Specialized Policing Services should ensure that the CFP supports standardization of processes at the national level by updating the CFP Manual.
2. The Deputy Commissioner Specialized Policing Services should ensure that the CFP, in collaboration with Learning and Development develops a standardized training program for Firearms Officers.
3. The Deputy Commissioner Specialized Policing Services should continue efforts to assess the timeliness of information from third parties relevant to eligibility screening decision-making.
4. The Deputy Commissioner Specialized Policing Services should ensure that the CFP conducts further analysis of current processes with the aim of increasing the effectiveness of eligibility screening.
5. The Deputy Commissioner Specialized Policing Services should ensure that the CFP make use of its capacity to perform data analytics to monitor and triage work queues based on predetermined risk factors.

Appendix A – Audit objective and criteria

Suivi de la vérification des dépenses de nature délicate

Rapport épuré

Novembre 2017

Table des matières

1. Acronymes et abréviations
2. Résumé
3. Réponse de la direction à la vérification
4. 1 Contexte
5. 2 Objectif, portée, méthodologie et énoncé de conformité
   • 2.1 Objectif
   • 2.2 Portée
   • 2.3 Méthodologie
   • 2.4 Énoncé de conformité
6. 3 Constatations
   • 3.1 Gouvernance
   • 3.2 Politiques et procédures
   • 3.3 Gestion des ressources humaines
   • 3.4 Gestion des finances et des biens
7. 4 Conclusion
8. 5 Recommandations
9. Annexe A – Objectif de vérification, angles d'intérêt et critères de vérification
10. Annexe B – État actuel des plans d'action des vérifications antérieures

Acronymes et abréviations

*

*

CT

Conseil du Trésor

DG

Direction générale

DND

Dépenses de nature délicate

DPFA

Dirigeant principal des Finances et de l'Administration

GGC

Gestion générale et Contrôle

GRC

Gendarmerie royale du Canada

LGFP

Loi sur la gestion des finances publiques

Matrice

Matrice de la délégation de pouvoirs de signer des documents financiers relatifs à des dépenses de nature délicate

OREC

Officier responsable des Enquêtes criminelles

PF

Police fédérale

*

*

*

*

*

*

SPCA

Services de police contractuels et autochtones

TEAM

Système de gestion des dépenses globales et des actifs (Total Expenditure and Asset Management)

Résumé

La Gendarmerie royale du Canada (GRC) s'emploie à assurer la sécurité des Canadiens et de leurs institutions, tant à l'échelle nationale qu'internationale, en prenant des mesures de prévention, de détection, d'enquête et d'application de la loi axées sur les renseignements. À cette fin, la GRC mène des opérations et des activités secrètes en vue d'infiltrer des organisations criminelles ou terroristes, ou de dissimuler des techniques de collecte de renseignements.

Au nombre des opérations et activités secrètes, on trouve le recrutement de sources payées, la protection et la réinstallation de témoins, l'achat d'articles à des fins de renseignement ou de preuve et les opérations d'infiltration. Les fonds consacrés à de telles activités sont appelés des dépenses de nature délicate (DND), c'est-à-dire des dépenses engagées au soutien d'opérations à des fins d'application de la loi ou de sécurité qui pourraient être compromises si le paiement était fait suivant les procédures normales de la GRC.

La Vérification interne de la GRC a déjà procédé à quatre vérifications des DND, qui ont donné lieu à 13 recommandations dont 19 éléments ont été visés dans des plans d'action de la direction. Les recommandations traitaient de gouvernance, de rôles et responsabilités, de conformité, de surveillance et de production de rapports.

Le suivi de vérification devait évaluer si la mise en œuvre des plans d'action de la direction liés aux quatre vérifications antérieures des DND avait atténué les risques et comblé les lacunes du contrôle mises au jour dans ces vérifications et si de nouveaux risques étaient apparus. La vérification a porté sur les transactions DND effectuées entre le 1er janvier 2016 et le 31 décembre 2016.

Notre vérification permet de conclure que les plans d'action de la direction découlant des quatre vérifications antérieures des DND ont en grande partie atténué les risques et comblé les lacunes du contrôle qu'elles avaient mises au jour. Bien que les transactions DND de l'échantillon aient été généralement conformes aux politiques, il y a encore place à l'amélioration à certains égards : la gouvernance générale de l'utilisation des DND; la mise et la tenue à jour de la politique sur les DND; l'élaboration de cours, d'outils et de guides à l'intention des coordonnateurs et des utilisateurs de DND; et la gestion globale des ressources d'infiltration. L'évaluation immédiate du nouveau formulaire 1454 aiderait à déterminer s'il fonctionne comme prévu, s'il y a moins d'erreurs, quels risques demeurent et si les utilisateurs ont trouvé des façons d'en contourner les contrôles. *

Les réponses de la direction incluses dans le rapport témoignent de l'engagement de la haute direction à donner suite aux conclusions et aux recommandations des vérificateurs. Un plan d'action détaillé est en cours d'élaboration. Une fois qu'il aura été approuvé, la Vérification interne de la GRC en surveillera la mise en œuvre et en fera la vérification de suivi, au besoin.

Réponse de la direction à la vérification

Gestion générale et Contrôle :

Le Suivi de la vérification des dépenses de nature délicate a constaté les progrès réalisés vers l'atténuation des risques révélés dans les vérifications antérieures et fait ressortir des occasions pour renforcer encore la gouvernance des dépenses de nature délicate.

La Gestion générale adhère aux constatations et aux recommandations qui y sont faites et travaillera avec ses collègues aux Opérations afin de mettre en œuvre les trois recommandations faites conjointement à l'intention du sous-commissaire à la Police fédérale et du dirigeant principal des Finances et de l'Administration.

Un plan d'action détaillé, qui comportera des échéanciers et des jalons précis, sera élaboré et soumis à l'examen du Comité ministériel de vérification. Quand il aura été approuvé, le plan d'action de la direction sera mis en œuvre par la Gestion générale, de concert avec la Police fédérale, et il visera les recommandations faites à nos deux secteurs.

Dennis Watters
Dirigeant principal des Finances et de l'Administration

Police fédérale :

La Police fédérale comprend et accepte les observations faites dans le rapport du Suivi de la vérification des dépenses de nature délicate. Le rapport conclut que notre Programme national des dépenses de nature délicate aurait avantage à améliorer son cadre de gouvernance en documentant les rôles et les responsabilités de toutes les parties au processus. Bien que le centre de décision des dépenses de nature délicate de la Police fédérale à la Direction générale ait pris des mesures pour améliorer et corriger les processus actuels, d'autres mesures ont été proposées qui vont dans le sens des observations formulées dans le rapport et elles seront étudiées. Une stratégie de communication sera élaborée afin de faire connaître les changements apportés au processus visant les dépenses de nature délicate. Nous sommes déterminés à mettre en place un cadre robuste et rigoureux pour régir les dépenses de nature délicate, un cadre qui satisfasse les attentes du Conseil du Trésor (CT) et qui permettra à la GRC de rendre les comptes attendus.

*

Plusieurs des recommandations concernent la conformité à la Loi sur la gestion des finances publiques et aux politiques et procédures opérationnelles normalisées relatives aux dépenses de nature délicate. En réponse aux constatations faites dans des vérifications antérieures, le centre de décision en matière de dépenses de nature délicate a entrepris un projet national mis à l'essai depuis 21 mois pour lequel le formulaire 1454 a été révisé (outil de gestion programmée par voie de document). La mise en œuvre du nouveau formulaire n'a pas été sans difficultés. La direction accepte la recommandation d'en entreprendre l'évaluation immédiate afin d'en déterminer l'efficacité et les éléments à améliorer; elle cherchera aussi à déterminer les besoins de formation globale liée à la politique et aux procédures.

Dans la même veine, la direction accepte la recommandation de structurer et d'améliorer la formation offerte aux coordonnateurs, utilisateurs et superviseurs des dépenses de nature délicate. Il a aussi été question du soutien et de l'aide que Gestion générale et Contrôle doit apporter au programme des dépenses de nature délicate, depuis l'élaboration des programmes de formation jusqu'à leur prestation aux utilisateurs, superviseurs et gestionnaires. Nous consulterons le dirigeant principal des Finances et de l'Administration et son personnel sur le rôle qu'ils reprendront dans le processus afin de mieux appuyer le programme.

Nous procéderons à l'examen complet *. Avec les officiers responsables des Enquêtes criminelles des divisions, nous entreprendrons une analyse afin de déterminer comment atteindre la vision et la supervision nécessaires à la gérance centralisée de ces ressources, au moyen * ou autrement.

La Police fédérale apprécie les efforts et la vision de l'équipe de Vérification interne, elle accepte les résultats de la vérification et donnera suite aux recommandations, selon des plans d'action qui seront clairs, réalisables et représentatifs de l'importance que la GRC accorde aux pouvoirs spéciaux que lui octroie le CT et selon sa capacité d'en rendre compte et de satisfaire les attentes du CT.

Gilles Michaud
Sous-commissaire à la Police fédérale

1 Contexte

La GRC s'emploie à assurer la sécurité des Canadiens et de leurs institutions, tant à l'échelle nationale qu'internationale, en prenant des mesures de prévention, de détection, d'enquête et d'application de la loi axées sur les renseignements. À cette fin, la GRC mène des opérations et activités secrètes en vue d'infiltrer des organisations criminelles ou terroristes, ou de dissimuler les techniques de collecte de renseignements. Le Conseil du Trésor (CT) a reconnu les difficultés inhérentes aux opérations de ce genre et a octroyé à la GRC des pouvoirs et des dispenses d'exception. Elle est ainsi exemptée de certaines dispositions, notamment celle qui l'obligerait à rendre compte dans des systèmes d'information intégrés de ses inventaires de ressources d'infiltration et celle qui l'obligerait à rendre publics certains types de marchés.

Les opérations et activités secrètes peuvent comporter le recrutement de sources payées, la protection et la réinstallation de témoins, l'achat d'articles à des fins de renseignement ou de preuve, et les opérations d'infiltration.^{Footnote 1} Les fonds consacrés à de telles activités sont appelés des dépenses de nature délicate (DND), c'est-à-dire des dépenses engagées au soutien d'opérations à des fins d'application de la loi ou de sécurité qui pourraient être compromises si le paiement était fait suivant les procédures normales de la GRC.^{Footnote 2} Il peut y avoir des DND dans tous les aspects du travail policier, dans toutes les divisions de la GRC, et à la Direction générale (DG).

Les DND sont inscrites en termes génériques, sans précisions, dans le système financier de l'organisation (Système de gestion des dépenses globales et des actifs ou système TEAM), sous l'un ou l'autre de deux articles de rapport budgétaires particuliers. L'un sert à inscrire les dépenses de nature délicate pour du matériel technique et des marchés de nature délicate, l'autre, les dépenses de nature délicate de tout autre type (qu'on appellera ici les DND générales).

La Vérification interne de la GRC a déjà procédé à quatre vérifications des DND,^{Footnote 3} qui ont donné lieu à 13 recommandations dont 19 éléments ont été visés dans des plans d'action de la direction. Les recommandations traitaient de gouvernance, de rôles et responsabilités, de conformité, de surveillance et de production de rapports. Un résumé des recommandations faites dans ces vérifications antérieures, les constatations s'y rapportant et les préoccupations soulevées au cours du présent suivi de vérification, est inclus à l'annexe B.

En mai 2016, le commissaire a approuvé le plan de vérification interne axé sur les risques 2016-2019, auquel figurait un suivi de vérification des DND.

2 Objectif, portée, méthodologie et énoncé de conformité

2.1 Objectif

L'objectif du suivi de vérification devait évaluer si la mise en œuvre des plans d'action de la direction liés aux quatre vérifications antérieures des DND avait atténué les risques et comblé les lacunes du contrôle mises au jour dans ces vérifications et si de nouveaux risques étaient apparus.

L'annexe A présente l'objectif de vérification, les angles d'intérêt et les critères de vérification.

2.2 Portée

La vérification a porté sur l'évaluation de la mise en œuvre des plans d'action de la direction établis en réponse aux recommandations faites dans les quatre vérifications antérieures. La vérification a aussi examiné si ces mesures prises par la direction avaient corrigé les problèmes qui avaient donné lieu aux recommandations. Les transactions DND examinées aux fins de la vérification ont été faites entre le 1er janvier 2016 et le 31 décembre 2016.

Le présent suivi de vérification a porté exclusivement sur les DND générales.

2.3 Méthodologie

La planification de la vérification s'est achevée en avril 2017. Au cours de cette phase, l'équipe de vérificateurs a procédé à des entrevues, à la revue du processus et à l'examen des politiques, directives, procédures applicables et des résultats des travaux effectués après les vérifications antérieures.

Les sources utilisées pour élaborer les critères et les tests de vérification comptaient les cadres politiques et directives pertinentes du CT^{Footnote 4} et les politiques connexes de la GRC. L'annexe A présente l'objectif de vérification, les angles d'intérêt et les critères de vérification.

Au cours de la phase d'examen, qui a duré jusqu'en juillet 2017, diverses techniques ont été employées : entrevues, examens de dossiers, analyse de données et tests de transactions. Des visites ont eu lieu dans les quartiers généraux de trois divisions ainsi qu'à la DG pour examiner des dossiers et évaluer les pratiques. À la fin de la phase d'examen, l'équipe de vérification a tenu des réunions pour valider ses constatations avec le personnel et a informé la haute direction de ses constatations pertinentes.

Le tableau 1 montre un résumé des transactions qui ont fait l'objet de tests pendant la vérification. L'échantillonnage s'est fait au hasard et au jugement, à partir de données extraites du système TEAM. Les transactions incluses dans l'échantillon reflétaient divers types de DND : *

2.4 Énoncé de conformité

La mission de vérification est conforme au Cadre de référence international des pratiques professionnelles de l'audit interne de l'Institute of Internal Auditors ainsi qu'à la Directive sur l'audit interne du Conseil du Trésor du Canada, comme en font foi les résultats du programme d'assurance et d'amélioration de la qualité.

3 Constatations

3.1 Gouvernance

Rôles et responsabilités

De saines structures de gouvernance sont nécessaires pour s'assurer que les transactions DND sont conformes aux pouvoirs financiers spéciaux délégués à la GRC. La gouvernance doit être appuyée par des politiques, par un programme, par de la formation et par des rôles et des responsabilités clairs. Des activités régulières de surveillance et de production de rapports, y compris des mesures du rendement, devraient aussi favoriser la bonne utilisation des DND.

La Police fédérale (PF), la Gestion générale et Contrôle (GGC) et les divisions sont conjointement responsables de la gouvernance des DND.

Police fédérale

Le sous-commissaire à la PF est responsable de la surveillance, de la reddition de comptes et de la formation, de manière à pouvoir confirmer la bonne utilisation des DND, uniquement pour préserver la nature secrète d'une transaction. * La PF est chargée de veiller à préserver le secret des opérations de nature délicate et des dépenses qui y sont associées, afin de favoriser le succès des enquêtes et la sécurité des policiers. À la PF, le centre de décision des DND rédige la politique sur les DND et offre du soutien et des conseils sur la bonne utilisation à faire des DND. Le centre de décision des DND, qui relevait auparavant des Services spéciaux de la Police fédérale (aux Opérations secrètes), relève depuis peu de la Gestion et Administration des ressources. Cette restructuration isole davantage le centre de décision des opérations, dans les faits ou dans la perception, et réduit le risque que les besoins opérationnels n'influencent les processus financiers et la conformité. Cela renforce aussi les liens fonctionnels avec le groupe de la GGC.

Gestion générale et Contrôle

Le dirigeant principal des Finances et de l'Administration (DPFA) est responsable de la saine gestion et de la gérance de toutes les ressources financières et matérielles de la GRC. Le Service de la comptabilité générale, des politiques et du contrôle, qui relève du DPFA, élabore les politiques et les processus et fournit la supervision nécessaire aux dépenses responsables et à la protection des finances et des biens de la GRC, y compris ceux acquis à l'aide de DND.

Que ce soit à l'échelle nationale, régionale ou divisionnaire, actuellement la GGC n'est pas mobilisée dès le début d'une transaction DND. En entrevue avec des hauts dirigeants de la GGC et de la PF, nous avons appris que la GGC n'offre pas de conseils en amont des transactions nécessitant des DND. Pourtant, une plus grande mobilisation de la GGC en début de projets d'envergure contribuerait au respect des exigences administratives des politiques. Sans cette orientation, les coordonnateurs et utilisateurs des DND naviguent à vue dans les cadres politiques complexes et les exemptions qui peuvent s'appliquer.

La GGC n'a pas mis en place un cadre de gouvernance à la hauteur de ses responsabilités en matière de DND. Comptabilité générale, Politiques et Contrôle est responsable de veiller à ce que des contrôles financiers fondés sur les risques soient en place pour permettre la vérification des comptes de DND, conformément à la Loi sur la gestion des finances publiques (LGFP).^{Footnote 5} Lorsqu'ils exercent le pouvoir de payer de l'article 33 de la LGFP, les agents des finances doivent examiner la vérification des comptes de toutes les transactions risquées, y compris les DND. Afin de préserver la nature secrète de ces transactions, les fondés de pouvoir pour l'article 33 (agents des finances) comptent sur les coordonnateurs divisionnaires des DND pour faire cet examen en leur nom, lorsqu'ils exercent le pouvoir d'autoriser une demande de paiement.^{Footnote 6} Bien que nous ayons observé un degré élevé de conformité à cette exigence, il serait utile que la GGC fasse plus de supervision et de surveillance pour s'assurer que les coordonnateurs des DND^{Footnote 7} soient bien formés et aient le pouvoir d'autoriser une demande de paiement dans le système TEAM. Cette assurance est essentielle pour maintenir la fiabilité reconnue à ce contrôle clé qu'est la bonne vérification des comptes pour les transactions DND à risque.

En situant le centre de décision des DND à la Gestion et Administration des ressources de la PF, on optimise l'expertise et favorise la consultation nécessaire à la conformité aux cadres politiques applicables.

Les divisions

Les officiers responsables des Enquêtes criminelles (OREC) sont responsables de gérer et de superviser les opérations secrètes et les DND qui s'y rattachent, le centre de décision des DND à la DG pouvant leur apporter du soutien au besoin. Les postes de coordonnateurs des DND ont été établis et dotés à l'échelle divisionnaire afin d'examiner toutes les transactions DND, conformément à la politique nationale sur les DND.^{Footnote 8}

Depuis avril 2012, tous les coordonnateurs divisionnaires des DND, pour occuper leur fonction, doivent signer une lettre dans laquelle ils reconnaissent leur responsabilité à l'égard de la vérification des comptes de DND. Nous avons constaté que pour toutes les transactions de l'échantillon, tous les coordonnateurs des DND avaient signé leur lettre et leur pouvoir d'autoriser une demande de paiement était valide dans le système TEAM. Dans nos entrevues auprès des coordonnateurs des DND des divisions de notre échantillon, nous avons observé une bonne connaissance de leurs rôles et responsabilités aux fins de l'exercice de ce pouvoir. *

Attribuer clairement les rôles et responsabilités

Bien que les politiques du CT et de la GRC en matière de DND exposent les attentes quant aux rôles et responsabilités des trois secteurs en cause, il reste possible d'améliorer la mobilisation des principales parties intéressées aux DND. Il conviendrait d'adopter des outils pour attribuer clairement les rôles et responsabilités aux divers intéressés en cause et en officialiser l'acceptation. Avec un outil visuel, les rôles de chacun apparaissent clairement et les intéressés ont une séquence à suivre dans l'exercice de leurs rôles respectifs. Un tel outil garantirait à la direction que toutes les parties sont engagées au bon moment dans les processus clés concernant les DND, ce qui favoriserait une meilleure gouvernance des DND.

Surveillance et production de rapports

Les vérifications antérieures ont mis en lumière la nécessité d'accroître la surveillance et la production de rapports sur les activités de DND à l'échelle divisionnaire et nationale. Dans l'une des divisions de l'échantillon, on procède chaque année à quatre ou cinq examens de gestion qui comportent l'élément DND, mais pour ce qui est des autres sites visités, il ne se faisait ni surveillance, ni rapports sur l'utilisation des DND. De tels rapports à l'échelle divisionnaire faciliteraient les prévisions budgétaires et la direction pourrait envisager d'en tirer des mesures du rendement relatives aux DND. Sans données de rendement officielles, les gestionnaires disposent de peu de moyens pour évaluer l'efficacité et l'efficience de l'utilisation des DND et des contrôles connexes.

La codification dans le système TEAM procure des données fiables aux fins de surveillance et de production de rapports à l'interne et à l'externe. Les coordonnateurs divisionnaires des DND de l'échantillon ont manifesté une bonne compréhension de la codification à appliquer pour les demandes de DND. La vaste majorité des transactions de l'échantillon (91 %) étaient bien codifiées. Les erreurs relevées étaient dues principalement à l'interprétation des définitions de codification de DND. Si l'erreur de codification est sans importance du point de vue des états financiers, une plus grande cohérence faciliterait la surveillance et la production de rapports sur l'utilisation des DND dans toutes les divisions. Le centre de décision des DND souhaite augmenter la surveillance et la supervision des codes propres aux DND dans le grand livre général en misant sur l'expertise de la Gestion et Administration des ressources de la PF en analyse de données et en analyse des tendances.

Séparation des tâches

La politique nationale sur les DND précise que le coordonnateur des DND ne peut pas avoir un rapport hiérarchique avec tout gestionnaire qui a exercé les pouvoirs prévus à l'art. 32 ou 34 de la LGFP dans le cadre d'une opération pour laquelle il exerce le pouvoir d'autoriser une demande de paiement.^{Footnote 9} Dans deux des quatre divisions de l'échantillon, les coordonnateurs des DND relevaient d'officiers hiérarchiques qui ont exercé les pouvoirs prévus à l'art. 32 ou 34 pour 13 transactions de l'échantillon; l'examen effectué par le coordonnateur des DND en exerçant son pouvoir d'autoriser une demande de paiement ne respectait alors pas la séparation des tâches.

Il n'y aura probablement ni ressources supplémentaires, ni restructuration divisionnaire pour préserver la séparation des tâches, mais d'autres mesures d'atténuation sont envisageables pour assurer une supervision supplémentaire des opérations de DND. Par exemple, le Service de la comptabilité générale, des politiques et du contrôle a proposé des modifications à la Matrice de la délégation de pouvoirs de signer des documents financiers relatifs à des dépenses de nature délicate (Matrice) qui conféreraient aux coordonnateurs des DND des pouvoirs ministériels ou divisionnaires. Ces modifications permettraient au coordonnateur des DND d'une autre division d'exercer le pouvoir d'autoriser la demande de paiement pour une demande de DND lorsqu'un problème de séparation des tâches est soulevé. Il peut y avoir d'autres options que les intéressés voudront sans doute explorer pour corriger cette situation.

*

3.2 Politiques et procédures

Politiques et procédures établies

La politique nationale sur les DND a été publiée en janvier 2011 et donne à l'utilisation des DND un cadre de gestion des finances, des biens, du matériel et de l'immobilier qui régit aussi les acquisitions. Bien que les procédures établies dans les divisions de l'échantillon soient conformes à l'actuelle politique nationale, des bulletins divisionnaires nécessitent un examen afin de juger de leur pertinence et de leur conformité; au besoin, ils seront mis à jour ou supprimés.

La politique requiert aussi la mise à jour des titres de postes et des noms de service, et la mise à jour des liens vers d'autres politiques. On peut encore élaborer et diffuser des méthodes de fonctionnement normalisées et des pratiques exemplaires, afin d'informer les coordonnateurs des DND et autres intéressés, au soutien de leurs responsabilités relatives aux DND.

Procédures de conservation des documents

La Vérification annuelle dirigée des dépenses de nature délicate 2011-2012 constatait le risque que les demandes de DND * ne soient pas conservées pour la période requise.* Le risque existait que des documents soient détruits alors qu'ils auraient dû rester *. Le suivi de vérification a constaté que la question de la conservation avait été réglée dans les divisions de l'échantillon. Les coordonnateurs des DND ont modifié les procédures et les pratiques concernant les demandes de DND * et les documents sont désormais conservés pour la durée requise. Il y aurait lieu de mettre à jour la politique sur les DND pour refléter les changements de procédures afin qu'elles soient appliquées de façon uniforme dans toutes les divisions.

Les coordonnateurs des DND conservaient comme prévu toutes les demandes autres que celles * des six années précédentes et de l'année courante. Il conviendrait de clarifier la politique qui, dans sa formulation actuelle, pourrait laisser entendre que la durée de conservation n'est que de deux ans^{Footnote 10}, de sorte que des documents financiers seraient détruits plus tôt que prévu.

Conformité avec la politique

Nous avons constaté dans les transactions de l'échantillon des taux élevés de conformité à la LGFP. Les transactions de l'échantillon avaient en grande majorité (96 %) été approuvées par un signataire qui avait les pouvoirs d'engagement voulus (article 32), et certifiées par un signataire qui avait les pouvoirs de certification voulus (article 34). Les transactions non conformes concernaient l'absence dans le système TEAM du spécimen de signature du signataire ou le décalage entre le moment de la signature et le moment où la signature du fondé de pouvoir pour l'article 32 ou 34 était valide. Nous avons constaté l'autorisation d'une demande de paiement par le coordonnateur des DND dans toutes les transactions de l'échantillon, bien que pour des raisons déjà évoquées, la qualité et la fiabilité attribuables à ces certifications variaient.

Il incombe à l'utilisateur de bien connaître et appliquer les politiques, y compris les diverses exemptions consenties par le CT et leur application. Or les utilisateurs de DND que nous avons interviewés ont, pour la plupart, dit s'en remettre au coordonnateur des DND de leur division pour l'interprétation de la politique. Nous avons constaté que 98 %^{Footnote 11} des transactions de l'échantillon étaient conformes à la politique sur les DND et que toutes, sauf une, préservaient la nature secrète de la dépense.* Comme cela se fait dans une division, *

Toutes les transactions de l'échantillon avaient en dossier une preuve de rentabilité, sous forme par exemple de soumissions multiples (qui pouvaient être gardées à l'échelle du service). De plus, toutes les transactions de l'échantillon étaient accompagnées d'une justification étayant clairement la nécessité de traiter la dépense comme de nature délicate et 95 % étaient conformes aux plans et approbations d'origine. Le fort taux de conformité était dû en grande partie au rôle de conseiller des coordonnateurs des DND et aux leçons apprises par les divers groupes d'utilisateurs de DND. L'utilisation du nouveau formulaire 1454 Demande et autorisation de paiement a aussi contribué à l'amélioration des taux de conformité.

Nouveau formulaire 1454 Demande et autorisation de paiement

Le centre de décision des DND a conçu un nouveau formulaire 1454, comme prévu dans un plan d'action de direction en rapport avec des constatations sur la conformité faites dans la première vérification des DND. On s'est lancé dans ce projet sans le doter d'un plan de gestion, de sorte que l'élaboration du formulaire s'est étirée sur plusieurs années.^{Footnote 12} Le formulaire demeure un projet pilote, afin que les utilisateurs et coordonnateurs de DND puissent s'adapter aux nouvelles procédures qui l'accompagnent. La mise en service du nouveau formulaire 1454 a été entreprise en janvier 2016 et se poursuit, la plupart des divisions ayant choisi de l'adopter dans divers services depuis le printemps 2016. Le nouveau formulaire 1454 poursuit deux buts : documenter la préapprobation de tous les aspects de la transaction et compiler les détails nécessaires pour résumer toutes les dépenses.

Le nouveau formulaire 1454 compte de nombreux contrôles automatiques. Il est conçu pour permettre la vérification au regard de la Matrice et pour connaître les titulaires de poste qui ont le pouvoir de signer pour la transaction. Certaines parties du formulaire doivent être remplies avant que l'utilisateur puisse passer à une étape suivante (p.ex. il faut obtenir la préapprobation avant de passer à l'étape du remboursement). Le formulaire intègre les règles administratives de diverses politiques de la GRC, notamment des manuels des Opérations, de la Gestion des finances, et de la Gestion des biens. Les calculs mathématiques sont automatisés. Le formulaire minimise les erreurs de saisie et le dédoublement d'efforts, puisque les données personnelles saisies par l'utilisateur sont automatiquement reconduites aux étapes ultérieures.

Dans les divisions de l'échantillon, les utilisateurs ont dit éprouver de la difficulté à s'adapter au nouveau formulaire et aux procédures qu'il impose. Le nouveau formulaire est long, difficile à lire et à remplir. Il présente des fenêtres dans lesquelles sont décrits les pouvoirs et les responsabilités des utilisateurs et des signataires, mais les descriptions sont longues et difficiles à lire. Chaque étape du formulaire requiert de nombreuses signatures pour justifier la dépense; or plus on est appelé à signer le même document à répétition, plus on risque de ne plus porter attention à ce qu'on signe, ce qui dilue l'importance du document. Le nouveau formulaire 1454 fait plus de place aux pouvoirs de dépenser qu'à la justification de la dépense. La justification doit comporter le détail de la transaction, expliquer pourquoi la dépense doit être faite dans le secret, quelles options ont été envisagées et quelles décisions ont été prises au long de la transaction. Bien que les transactions de l'échantillon comportaient toutes une justification adéquate qui expliquait pourquoi la dépense était de nature délicate, intégrer au formulaire 1454 une justification plus complète favoriserait la constance et prouverait une meilleure gérance des DND et une responsabilité clairement assumée.

Si le nouveau formulaire 1454 se prête bien aux dépenses prévues, les personnes interviewées le trouvent difficile à utiliser pour les opérations imprévues qui requièrent souplesse et agilité. À la lumière des préoccupations exprimées, il est recommandé au centre de décision des DND de faire une évaluation immédiate du nouveau formulaire 1454 afin de déterminer s'il fonctionne comme prévu, s'il y a moins d'erreurs, quels risques demeurent et si les utilisateurs ont trouvé des moyens de le contourner. Il pourrait en profiter pour en faire une analyse coût-bénéfice qui examinerait l'incidence du nouveau formulaire 1454 sur la charge de travail et cernerait les redondances à éliminer et les économies à réaliser. On pourrait déterminer un minimum de tolérance au risque relativement à l'utilisation du nouveau formulaire 1454 pour des dépenses imprévues et des dépenses peu élevées. De telles transactions pourraient justifier l'utilisation d'un formulaire 1454 modifié dont on garderait les principaux éléments de contrôle, comme la justification, et l'identité des fondés de pouvoir pour les articles 32 et 34.

Le succès du nouveau formulaire 1454 nécessitera un plan global de gestion du changement. D'abord, du point de vue conception, toute modification de la Matrice ou des règles administratives découlant de la mise à jour des politiques auront une incidence sur les contrôles automatiques complexes qui sont intégrés au formulaire. Deuxièmement, du point de vue du processus, il faudra former les utilisateurs et appliquer une stratégie efficace de communication pour expliquer le fonctionnement du nouveau formulaire 1454. Bien que le centre de décision des DND n'ait pas pleinement évalué l'incidence du nouveau formulaire 1454, il y a des indices tant au centre de décision des DND que dans les divisions que sa pleine mise en œuvre entraînera l'alourdissement de la charge de travail.

3.3 Gestion des ressources humaines

Coordonnateurs divisionnaires des DND

Les coordonnateurs des DND font l'examen des transactions DND a posteriori et exercent le pouvoir d'autoriser la demande de paiement pour donner l'assurance de conformité aux agents des finances qui exercent le pouvoir de paiement prévu à l'article 33. Donnant suite à une recommandation formulée dans la première vérification des DND, toutes les divisions ont créé et doté des postes de coordonnateurs des DND, sans cependant qu'il y ait entre elles uniformité quant au nombre de postes dotés et à la catégorie d'employés à laquelle ils sont rattachés.

Par exemple, trois divisions de l'échantillon avaient un poste de coordonnateur des DND à plein temps. Dans deux de ces divisions, le poste était occupé par un employé de la fonction publique, dans l'autre, par un membre régulier. Dans une quatrième division, le groupe des coordonnateurs des DND comptait un membre régulier et quatre employés de la fonction publique. Cette formule dose bien la connaissance opérationnelle et l'expertise d'une part, et d'autre part, l'expérience administrative et financière et la stabilité associée aux employés de la fonction publique. Les divisions gagneraient sans doute à doter leurs postes de coordonnateurs des DND en tenant compte des avantages d'y avoir des employés des deux catégories.

Le poste de coordonnateur des DND est une fonction de contrôle essentielle pour la vérification des comptes et les agents des finances s'appuient sur lui pour exercer leur pouvoir de paiement en vertu de l'article 33. Par conséquent, la planification de la relève pour ces postes doit être un enjeu constant. Notre examen n'a révélé aucune preuve de planification de la relève en cours.

Formation liée aux DND

La première vérification des DND comportait deux recommandations liées à la formation. À l'époque, la PF et le dirigeant principal des Ressources humaines étaient responsables de veiller à ce que la formation liée aux DND soit créée et donnée à tous les coordonnateurs des DND en temps opportun et qu'elle soit intégrée à la formation des agents et des superviseurs, au besoin. Un programme structuré de formation en DND reste à élaborer et la formation liée aux DND n'a pas été intégrée à la formation des agents et des superviseurs, ni non plus à la formation du cadre officier. Il est possible d'inclure la formation sur les DND dans des cours existants, ce qui nécessiterait moins de ressources que d'élaborer un programme de formation en DND à part entière. Bien que les efforts de la direction pour donner suite à ces recommandations aient donné lieu au nouveau formulaire 1454, il reste des possibilités en lien avec l'intention originale des recommandations et des plans d'action de la direction.

La politique nationale sur les DND précise que la PF est responsable d'assurer la formation appropriée des coordonnateurs des DND,^{Footnote 13} que la GGC est responsable d'assurer la formation appropriée des coordonnateurs des DND relativement aux exigences financières et administratives,^{Footnote 14} et que les divisions sont responsables d'assurer l'engagement de coordonnateurs des DND qualifiés.^{Footnote 15}

Les anciennes vérifications des DND signalaient qu'aucune formation structurée traitant de DND n'était offerte aux coordonnateurs, aux utilisateurs ni aux superviseurs de DND. Ils apprennent plutôt comment exécuter leurs tâches une fois en poste, de leurs prédécesseurs et collègues. C'est encore vrai dans le contexte du présent suivi de vérification. Par conséquent, la PF et la GGC pourraient mieux s'acquitter de leurs responsabilités en matière de formation relative aux DND.

Récemment, le centre de décision des DND a offert aux coordonnateurs divisionnaires des DND et à certains utilisateurs et superviseurs un atelier sur la mise en service du nouveau formulaire 1454. L'atelier a permis d'expliquer la conception du nouveau formulaire et comment il s'applique au processus des DND. Le centre de décision des DND avait invité d'autres secteurs d'activité à contribuer à l'élaboration du formulaire et à le commenter, mais elle n'en a pas fait autant pour l'élaboration et la présentation de la séance de formation. L'atelier a été offert suivant la priorité qu'y accordaient les divisions, c'est-à-dire uniquement lorsqu'une division avait les fonds nécessaires pour faire venir les représentants du centre de décision des DND chez elle. Le centre de décision des DND a songé à mettre un cours en ligne, mais pour l'instant, les travaux en ce sens n'en sont toujours qu'au stade de la conception.

Bien que la GGC ait la responsabilité de former les coordonnateurs des DND relativement aux exigences financières et administratives qu'ils doivent respecter, le secteur n'a pas encore donné une telle formation. Parmi les divisions de l'échantillon, seule la Division E donnait une formation liée aux DND à ses nouveaux chefs de service et aux groupes qui ont besoin d'une mise à jour ou d'une révision des processus et de l'utilisation des DND.^{Footnote 16} Par ailleurs, il n'y a toujours aucune formation de DND pour les superviseurs de DND qui leur rappelle les protections et les responsabilités qu'il faut avoir à l'esprit en exerçant les pouvoirs liés aux articles 32 et 34 relativement à des transactions DND. Les personnes interviewées dans toutes les divisions de l'échantillon ont indiqué que cette formation supplémentaire serait utile et favoriserait une meilleure compréhension des responsabilités des signataires pour l'exercice des pouvoirs des articles 32 et 34 lorsqu'on a recours aux DND.

Certes les taux de conformité des transactions de l'échantillon étaient élevés, mais il reste que d'élaborer et d'offrir une formation structurée sur les DND est considéré comme une pratique exemplaire pour atténuer les risques des transactions DND, qui sont élevés par défaut. *

Outils et conseils

En l'absence d'une formation officielle, il y aurait lieu de concevoir et de diffuser des outils et des conseils en matière de DND destinés aux coordonnateurs et utilisateurs de DND. Comme nous l'avons déjà dit, les utilisateurs de DND ne connaissent pas les politiques pertinentes en profondeur et comptent sur les coordonnateurs des DND de leur division pour interpréter la politique. Colliger les pratiques exemplaires serait utile à cet égard et favoriserait des pratiques uniformes dans l'application et dans la gestion du risque.

*

Communication entre intéressés

Il est possible d'améliorer la communication entre la GGC et ses homologues divisionnaires pour minimiser les incidences sur les opérations des changements de politiques et de procédures. * On a interrogé la Comptabilité générale à la DG à ce sujet; elle était au courant du problème et avait envoyé aux Services comptables divisionnaires un communiqué à diffuser aux intéressés.* Les nouvelles procédures n'ont cependant pas été communiquées aux utilisateurs sur le terrain.

Dans les vérifications antérieures, la plupart des coordonnateurs des DND disaient avoir peu de contacts avec le centre de décision des DND, mais nous avons cette fois-ci constaté l'amélioration de la communication entre eux. Les coordonnateurs divisionnaires des DND que nous avons interviewés ont indiqué communiquer au besoin avec le centre de décision des DND pour obtenir des clarifications et la plupart communiquent directement avec les utilisateurs ou les superviseurs pour régler les problèmes que posent les demandes de paiement de DND. Le nouveau formulaire 1454 fait l'objet de discussions régulières entre les divisions et le centre de décision des DND. Ces discussions vont de commentaires sur la charge de travail accrue, à l'incidence sur les pratiques administratives des changements apportés au formulaire. Quoi qu'il en soit, il est possible d'améliorer encore la communication et le partage d'information.

3.4 Gestion des finances et des biens

Gestion des ressources d'infiltration

Il est important au nom de la saine gérance des ressources de bien gérer les ressources d'infiltration *. Bien que la politique nationale des DND * ceux-ci ne tiennent de dossiers que pour les biens qu'ils gèrent. Lorsqu'un service se procure des ressources d'infiltration, le dossier des ressources d'infiltration est tenu au service. Par conséquent, il n'existe pas un dossier divisionnaire consolidé des ressources d'infiltration. Les dossiers des ressources d'infiltration qui ont été examinés aux fins de notre vérification ne nous donnaient pas une vue adéquate de toutes les ressources d'infiltration dans les divisions de l'échantillon. Notre équipe de vérificateurs n'a pas pu faire l'évaluation des dossiers des ressources d'infiltration tenues par les services. En l'absence d'un dossier consolidé des ressources d'infiltration divisionnaires, nous n'avons pas constaté l'existence d'un outil pour faire le suivi des biens, qui rende compte de l'acquisition, de l'utilisation, du transfert, du statut excédentaire et de la cession de ces biens.

La première vérification des DND constatait que la plupart des divisions et des services visités avaient leur propre système de suivi d'inventaire de ressources d'infiltration. Ces systèmes étaient indépendants les uns des autres et n'étaient pas accessibles à d'autres services ou divisions. La vérification constatait aussi que des ressources d'infiltration *

Le suivi de vérification constate toujours l'absence d'une vision nationale ou divisionnaire des ressources d'infiltration. Faute d'une saine gestion, il y a un risque accru que des ressources d'infiltration soient obtenues en double, qu'elles ne soient pas utilisées pleinement * À titre de mesure d'atténuation, * des divisions de l'échantillon * obtenues à l'aide de DND. Cette pratique maximise l'utilisation des ressources d'infiltration et favorise la responsabilité financière et la gérance. Quoi qu'il en soit, l'absence d'une vision divisionnaire poserait problème si une division, ou l'organisation dans son ensemble, * S'il demeure possible d'obtenir l'information, la recueillir et la compiler demanderaient des efforts considérables.

Il y aurait lieu de consulter les divisions afin de déterminer ce que devraient englober une vision et une supervision nationales des ressources d'infiltration. Ces renseignements devraient être inscrits en dossier et suivis pour faciliter la prise de décisions éclairées. L'utilisation d'un système commun de gestion de l'inventaire des ressources d'infiltration faciliterait la supervision de l'acquisition, de l'entretien et de la cession des ressources d'infiltration ainsi que le contrôle de l'inventaire. Tout en gardant à l'esprit les exemptions aux directives et politiques du CT qui lui ont été accordées, l'organisation pourrait se doter d'un cadre de gestion de l'inventaire des ressources d'infiltration fidèle à l'esprit et aux principes de la gestion conventionnelle des biens. Constituer et entretenir un registre est une première étape nécessaire à la gestion des ressources nationales. La direction devra décider s'il convient d'utiliser à cette fin * ou un autre système de gestion des dossiers des ressources d'infiltration.

*

Contrôle de l'inventaire des ressources

Le nouveau formulaire 1454 comporte un 1454-AIC, ou Contrôle d'inventaire des ressources, qui doit rationaliser le processus de gestion des dossiers lorsqu'on fait l'acquisition d'une ressource d'infiltration. Cette partie est destinée au * qui doit mettre à jour les dossiers divisionnaires des ressources d'infiltration, et à l'administrateur du * à la DG qui doit l'inscrire au *. Ainsi, le 1454-AIC, utilisé comme il a été conçu, garantit que l'acquisition des ressources d'infiltration est bouclée aux échelles divisionnaire et nationale.

Toutefois, dans une division de notre échantillon où le nouveau formulaire 1454 est entièrement en service, le 1454-AIC n'est pas utilisé comme prévu. Il est versé au dossier avec les autres éléments de la demande de DND au bureau du coordonnateur des DND, sans qu'il y soit donné suite. Lorsqu'on leur a demandé, les coordonnateurs des DND ont dit ne pas avoir été informés du processus prévu, et ils tenaient pour acquis que les demandeurs avaient déjà transmis le 1454-AIC aux personnes chargées du suivi de l'inventaire avant de leur envoyer le formulaire aux fins d'examen. Bien que les dossiers d'inventaire du service aient pu être mis à jour, il est clair que le * n'avait pas été mis à jour à partir du 1454-AIC. Une stratégie de communication sur la conception et l'utilisation de cette partie du nouveau formulaire 1454 favoriserait la saisie de toutes les données nécessaires dans les dossiers divisionnaires et nationaux des ressources d'infiltration.

Tenue de dossiers

Étant donné le risque inhérent à l'utilisation des DND, on s'attend à des pratiques robustes de gestion de dossiers. Pourtant, dans l'une des divisions de l'échantillon, le coordonnateur des DND n'a pas pu retrouver 5 des 24 dossiers échantillonnés et des éléments manquaient dans 2 des 19 dossiers prélevés, signe qu'il y a là des lacunes dans la gestion des dossiers.

Comme mesure d'atténuation pour la tenue des dossiers, toutes les demandes de DND sont examinées par le coordonnateur divisionnaire des DND qui doit approuver la demande de paiement pour que l'agent des finances exerce son pouvoir de paiement conformément à l'article 33. Puisque les dossiers de l'échantillon égarés ou trouvés incomplets avaient été sélectionnés parmi les transactions complétées affichées dans le système TEAM, et donc réputées avoir fait l'objet d'un examen des dépenses et d'une autorisation de la demande de paiement par le coordonnateur des DND, il faut présumer que le processus de vérification du compte a été exécuté.* Compte tenu des visites sur place de l'équipe de vérification, dans les divisions de l'échantillon et à la DG, les dossiers égarés ou incomplets ne sont pas le symptôme d'un problème répandu relativement à la gestion de dossier en général dans les divisions. Par conséquent, le problème de gestion de dossier en question a été soulevé avec la haute direction de la division en cause, pour que des mesures correctives soient prises.

4 Conclusion

La vérification conclut que les plans d'action de la direction découlant des quatre vérifications antérieures des DND ont en grande partie atténué les risques et comblé les lacunes du contrôle mises au jour dans ces vérifications. Les 19 énoncés de recommandation d'origine traitaient de gouvernance, de rôles et responsabilités, de conformité, de surveillance et de production de rapports.^{Footnote 17} Il reste pourtant encore des possibilités d'amélioration à apporter dans ces domaines.

Bien que les transactions DND de l'échantillon étaient généralement conformes aux politiques, il y a encore place à l'amélioration à certains égards : la gouvernance générale de l'utilisation des DND; la mise et la tenue à jour de la politique sur les DND; l'élaboration de cours, d'outils et de guides à l'intention des coordonnateurs et des utilisateurs de DND; et la gestion globale des ressources d'infiltration. L'évaluation immédiate du nouveau formulaire 1454 aiderait à déterminer s'il fonctionne comme prévu, s'il y a moins d'erreurs, quels risques demeurent et si les utilisateurs ont trouvé des façons d'en contourner les contrôles. *

5 Recommandations

1. Le sous-commissaire à la Police fédérale, de concert avec le dirigeant principal des Finances et de l'Administration et avec les divisions, devrait améliorer la gouvernance générale des dépenses de nature délicate (DND) en clarifiant et documentant les rôles et les responsabilités de toutes les parties aux processus essentiels des DND et mettre à jour la politique sur les DND en conséquence.
2. *
3. Le sous-commissaire à la Police fédérale devrait procéder à l'évaluation du nouveau formulaire 1454 afin de voir s'il fonctionne comme prévu, s'il y a moins d'erreurs et s'il reste des risques à atténuer.
4. Le sous-commissaire à la Police fédérale, de concert avec le dirigeant principal des Finances et de l'Administration, devrait structurer la prestation de formation pour les intéressés aux processus de DND, à savoir les coordonnateurs, les utilisateurs et les superviseurs de DND.
5. Le sous-commissaire à la Police fédérale devrait consulter les officiers responsables des Enquêtes criminelles des divisions afin de déterminer quels sont les éléments d'information importants pour la vision et la supervision des ressources d'infiltration, à l'échelle nationale et divisionnaire, et devrait en assurer la saisie et le suivi central dans * ou dans un autre système.

Annexe A – Objectif de vérification, angles d'intérêt et critères de vérification

Objectif de vérification :

Évaluer si la mise en œuvre des plans d'action de la direction liés aux quatre vérifications antérieures des DND avait atténué les risques et comblé les lacunes du contrôle mises au jour dans ces vérifications et si de nouveaux risques étaient apparus.

Angles d'intérêt :

1. Progrès de la mise en œuvre des plans d'action de la direction :
   • Les plans d'action de la direction ont été mis en œuvre comme prévu à l'origine, ou comme modifiés et approuvés ultérieurement.
2. Validation des risques visés :
   • Les mesures correctives mises en œuvre suivant les plans d'action de la direction semblent avoir visé les risques associés aux constatations antérieures.

Critères de vérification :

1. Gouvernance :
   • Des mécanismes efficaces de supervision sont en place pour gérer l'utilisation des DND.
2. Politiques et procédures :
   • Des politiques et des procédures applicables aux DND sont établies, pertinentes, harmonisées, tenues à jour, communiquées clairement et suivies.
3. Gestion des ressources humaines :
   • Les activités et les postes clés sont connus et adéquatement dotés.
   • Les employés reçoivent la formation, les outils et les conseils dont ils ont besoin pour leur faciliter l'utilisation des DND.
4. Gestion des finances et des biens :
   • Les dossiers sont complets et exacts et les DND qui s'y rapportent sont approuvées et traitées conformément à la politique applicable.
   • Le système national de gestion de l'inventaire des ressources d'infiltration est conçu, déployé, tenu à jour et utilisé à la Direction générale et dans les divisions.
   • Les biens, y compris la technologie de l'information et les systèmes, sont gérés en fonction de leur cycle de vie utile et sont protégés.

Annexe B – État actuel des plans d'action des vérifications antérieures

Le tableau qui suit résume les recommandations des vérifications antérieures, les constatations qui s'y rapportent et les préoccupations qui demeurent, mises au jour par le suivi de vérification.

Follow-up audit of sensitive expenditures

Vetted report

November 2017

Table of contents

1. Acronyms and abbreviations
2. Executive summary
3. Management's response to the audit
4. 1 Background
5. 2 Objective, scope, methodology and statement of conformance
   • 2.1 Objective
   • 2.2 Scope
   • 2.3 Methodology
   • 2.4 Statement of conformance
6. 3 Audit findings
   • 3.1 Governance
   • 3.2 Policy and procedures
   • 3.3 Human resource management
   • 3.4 Financial and asset management
7. 4 Conclusion
8. 5 Recommendations
9. Appendix A – Audit objective, lines of enquiry and audit criteria
10. Appendix B – Current status of previous audits' action plans

Acronyms and abbreviations

CAP

Contract and Aboriginal Policing

*

*

CFAO

Chief Financial and Administrative Officer

CM&C

Corporate Management & Comptrollership

*

*

CROPS

Criminal Operations

DSEFSAM

Delegation of Sensitive Expenditures Financial Signing Authorities Matrix

FAA

Financial Administration Act

FP

Federal Policing

*

*

NHQ

National Headquarters

RCMP

Royal Canadian Mounted Police

SE

Sensitive Expenditures

TB

Treasury Board

TEAM

Total Expenditure and Asset Management System

*

*

Executive summary

The Royal Canadian Mounted Police (RCMP) works to ensure the safety and security of Canadians and their institutions, domestically and globally, through intelligence-based prevention, detection, investigation, and law enforcement measures. To this end, the RCMP carries out some of its operations and activities in a covert manner, designed either to infiltrate criminal or terrorist organizations or to disguise the intelligence gathering activities of the police.

Covert operations and activities can include the development of paid sources, the protection and/or relocation of witnesses, the purchase of items for evidentiary or intelligence purposes, and undercover operations. Expenditures for these types of activities are known as sensitive expenditures (SE), and are defined as an expenditure made in support of operations, incurred for law enforcement or security purposes, which could be jeopardized if payment were made using standard overt RCMP procedures.

RCMP Internal Audit has previously conducted four audits of SE, resulting in 13 audit recommendations with 19 components for which management action plans were developed. The recommendations centered on governance, roles and responsibilities, compliance, monitoring and reporting.

The objective of this follow-up audit was to assess whether the implementation of the management action plans associated with the four previous SE audits has addressed the risks and control weaknesses identified in those audits, and whether any new risks have emerged. The audit scope included SE transactions that occurred during the period of January 1, 2016 and December 31, 2016.

The audit concluded that the management action plans associated with the four previous SE audits have, for the most part, addressed the risks and control weaknesses that were identified in those audits. While the sampled SE transactions were generally compliant with policy, opportunities for improvement remain regarding: the overall governance regarding the use of SE; updates to and maintenance of SE policy; the development of training, tools and guidance for SE Coordinators and SE users; and the overall management of covert assets. An in-progress assessment of the new form 1454 would also be beneficial to determine whether the new form is working as intended, errors have been reduced, risk areas remain, and whether workarounds have been implemented by its users. *

The management responses included in this report demonstrate the commitment from senior management to address the audit findings and recommendations. A detailed management action plan is currently being developed. Once approved, RCMP Internal Audit will monitor its implementation and undertake a follow-up audit if warranted.

Management's response to the audit

Corporate Management and Comptrollership:

The Follow-up Audit of Sensitive Expenditures has noted the progress made in addressing the risks highlighted in previous audits and identifies opportunities to further strengthen the governance of sensitive expenditures.

Corporate Management agrees with the findings and recommendations and we will work with our colleagues in Operations to implement the three recommendations in the audit that are jointly directed to the Deputy Commissioner Federal Policing and the Chief Financial and Administrative Officer.

A detailed action plan, which will include specific timelines and milestones, will be developed and presented for review to the Departmental Audit Committee. Following approval, the management action plan will be implemented by Corporate Management, in coordination with Federal Policing, and will address the recommendations directed to both areas.

Dennis Watters
Chief Financial and Administrative Officer

Federal Policing:

Federal Policing acknowledges and accepts the observations noted in the Follow up Audit of Sensitive Expenditures report. The report concludes that our National Sensitive Expenditure Program would benefit from enhancements to the governance framework by documenting the roles and responsibilities and accountabilities of all involved in the process. While National Headquarters Federal Policing Sensitive Expenditure Policy Centre has taken many steps to improve and correct the current processes, additional actions have been identified and will be considered that will address the observations contained in the report. A communication strategy will be developed to provide clarification around the changes being made to the sensitive expenditure process. We are committed to developing a robust and rigorous framework governing sensitive expenditures that will fully address Treasury Board (TB) expectations and allow the RCMP to be fully accountable.

*

The audit makes several recommendations related to Financial Administration Act and sensitive expenditure policy compliance and standard operating procedures. In response to previous audit findings, the Sensitive Expenditure policy centre has undertaken a national pilot project over the past 21 months involving a revised form 1454 (a document based programmed management tool). The implementation of the new form has not been without its challenges. As such, Management accepts the recommendation to undertake an in-progress assessment of the new form 1454 to determine its overall effectiveness, seek further areas for improvement and determine overall training requirements related to policy and procedures.

Following on that point, Management also accepts the recommendation to formalize and enhance training offered to Sensitive Expenditure coordinators, users and supervisors. Also highlighted was the role to be played by Corporate Management and Comptrollership in providing assistance and support to the sensitive expenditure program with respect to formalized training programs and the delivery of the same to all end users, supervisors and managers. Consultation with the Chief Financial and Administrative Officer and his staff will take place to address their renewed involvement in the process so they can better support the Program.

A comprehensive review of the * will also be conducted. In consultation with divisional Criminal Operations officers, an analysis will be undertaken to determine the most appropriate means of achieving the appropriate level of visibility and oversight regarding the centralized stewardship of these assets through * or, an alternative solution.

Federal Policing appreciates the efforts and insights of the Internal Audit team, accepts the results of this audit and will address the noted recommendations through action plans that are clear, achievable and representative of the importance the RCMP places on the special authorities granted by TB and its ability to be fully accountable and meet TB expectations.

Gilles Michaud
Deputy Commissioner Federal Policing

1 Background

The RCMP works to ensure the safety and security of Canadians and their institutions, domestically and globally, through intelligence-based prevention, detection, investigation, and law enforcement measures. To this end, the RCMP carries out some of its operations and activities in a covert manner, designed either to infiltrate criminal or terrorist organizations or to disguise the intelligence gathering activities of the police. Treasury Board (TB) has recognized the inherent challenges presented by these types of operations and has provided the RCMP with special authorities and dispensations. Paramount among these are exemptions from certain external reporting provisions such as the requirements to report covert assets and inventories in integrated information systems and public disclosure related to specific types of contracts.

Covert operations and activities can include the development of paid sources, the protection and/or relocation of witnesses, the purchase of items for evidentiary or intelligence purposes, and undercover operations.^{Footnote 1} Expenditures for these types of activities are known as sensitive expenditures (SE), and are defined as an expenditure made in support of operations, incurred for law enforcement or security purposes, which could be jeopardized if payment were made using standard overt RCMP procedures.^{Footnote 2} SE can occur in all aspects of policing, in all RCMP divisions, as well as in National Headquarters (NHQ).

SE are generically recorded in the RCMP's departmental financial system (Total Expenditure and Asset Management system, commonly referred to as TEAM) without identifying details. They are recorded against one of two budgetary reporting objects. One is used to record expenditures for sensitive technical equipment and contracts, the other to record all other types of sensitive expenditures (subsequently referred to as 'general SE').

RCMP Internal Audit has previously conducted four audits of SE,^{Footnote 3} resulting in 13 audit recommendations with 19 components for which management action plans were developed. The recommendations centered on governance, roles and responsibilities, compliance, monitoring and reporting. A summary of the original audit recommendations, along with related findings and any concerns identified in this follow-up audit, is included in Appendix B.

In May 2016, the Commissioner approved the 2016-2019 Internal Audit Risk-Based Audit Plan, which includes a Follow-up Audit of SE.

2 Objective, scope, methodology and statement of conformance

2.1 Objective

The audit objective was to assess whether the implementation of the management action plans associated with the four previous audits has addressed the risks and control weaknesses identified in those audits, and whether any new risks have emerged.

Appendix A presents the audit objective, lines of enquiry and audit criteria.

2.2 Scope

The audit focussed on assessing the implementation of the management action plans undertaken in response to the recommendations made in the four previous audits. The audit also focussed on whether management actions had addressed the issues that led to the recommendations. SE transactions examined in support of this audit occurred between January 1, 2016 and December 31, 2016.

This follow-up audit focused exclusively on general SE.

2.3 Methodology

Planning for the audit was completed in April 2017. In this phase, the audit team conducted interviews, process walkthroughs and examined relevant policies, directives, procedures and results of previous audit work performed.

Sources used to develop audit criteria and audit tests included relevant TB policy frameworks and directives^{Footnote 4} and related RCMP policies. The audit objective, lines of enquiry and audit criteria are available in Appendix A.

The examination phase, which concluded in July 2017, employed various auditing techniques including interviews, documentation reviews, data analysis and transaction testing. Site visits took place at three divisional headquarters as well as at NHQ to review files and assess practices. Upon completion of the examination phase, the audit team held meetings to validate findings with personnel and debriefed senior management of the relevant findings.

Table 1 provides a summary of the transactions tested during the audit. Sampling methodology involved a combination of random and judgmental sampling based on data extracts obtained from the TEAM financial system. The SE types reflected in the sampled transactions included: *

2.4 Statement of conformance

The audit engagement conforms to the Institute of Internal Auditors' International Professional Practices Framework and the Treasury Board of Canada Directive on Internal Audit, as supported by the results of the quality assurance and improvement program.

3 Audit findings

3.1 Governance

Roles and responsibilities

Sound governance structures are required to ensure that SE transactions are compliant with the RCMP's special delegated authorities. Governance should be supported by policy and program design, training, as well as clear roles, responsibilities and accountabilities. Regular monitoring and reporting activities, including performance measures, should also promote the appropriate use of SE.

Federal Policing (FP), Corporate Management & Comptrollership (CM&C) and the divisions share responsibility for the governance of SE.

Federal Policing

The Deputy Commissioner FP is responsible for ensuring oversight, accountability, and training are in place which confirm SE are used appropriately and only as needed to maintain the covert nature of a transaction. * FP's focus is on ensuring sensitive operations and associated expenditures remain covert, leading to successful investigations and the safety of police officers. Within FP, the SE Policy Centre develops SE policy and provides support and direction regarding the appropriate use of SE. The SE Policy Centre has recently moved within FP, and now reports to FP Resource Management & Administration rather than to Federal Policing Special Services (under Covert Operations). This change in reporting structure may increase the SE Policy Centre's actual or perceived segregation from operations, and reduce the potential for operational necessities to influence financial processes and compliance. It may also create stronger functional ties to the CM&C group.

Corporate Management & Comptrollership

The Chief Financial and Administrative Officer (CFAO) is responsible for the sound management and stewardship of all RCMP financial and materiel resources. The Corporate Accounting, Policy and Control branch, reporting under the CFAO, develops policies and processes, and provides oversight to ensure responsible spending and safeguarding of RCMP finances and assets, including those acquired using SE funding.

National, regional or divisional CM&C do not currently engage in SE activities at the outset of the transaction. Interviews with senior officials within CM&C and FP indicated that front-end guidance is not offered by CM&C for SE-related transactions. Moreover, there would be benefits to having greater engagement from CM&C to help ensure adherence to administrative policy requirements at the onset of high-profile projects. Without such guidance, SE Coordinators and SE users are left to navigate the complex policy frameworks and special exemptions that may apply.

CM&C has not implemented a governance framework that adequately addresses its responsibilities related to the use of SE. More specifically, Corporate Accounting, Policy and Control is responsible for ensuring that risk-based financial controls are in place for proper account verification of SE, in accordance with the Financial Administration Act (FAA).^{Footnote 5} When exercising payment authority pursuant to section 33 of the FAA, finance officers are required to review the account verification for all high-risk transactions, including SE. To maintain the covert nature of these transactions, section 33 position holders (finance officers) rely on the divisional SE Coordinators to perform this review function on their behalf when they exercise Endorsement of Payment Request authority.^{Footnote 6} While we found that there is currently a high degree of compliance with this requirement, increased oversight and monitoring by CM&C to ensure that divisional SE Coordinator positions^{Footnote 7} are well-trained and have an up-to-date Endorsement of Payment Request authority in TEAM would be beneficial. Such assurance is critical to continue the reliance placed on this key control surrounding proper account verification of high-risk SE transactions.

Leveraging corporate expertise with the new placement of the SE Policy Centre under FP Resource Management & Administration may promote a consultative approach required to ensure compliance with applicable policy frameworks.

The Divisions

The divisional Criminal Operations (CROPS) officers are responsible for the management and oversight of covert operations and related SE, with the SE Policy Centre at NHQ providing support as required. SE Coordinator positions have been established and staffed at the divisional level to review all SE transactions in accordance with national SE policy.^{Footnote 8}

Since April 2012, all divisional SE Coordinators, as a condition of their position, must sign a letter acknowledging their roles and responsibilities for proper account verification of SE. We found that for all sampled transactions, all SE Coordinators signed this letter and had valid Endorsement of Payment Request authority within TEAM. Interviews with SE Coordinators in the sampled divisions indicated good awareness of their role and responsibilities in exercising this authority. *

Clearly assigning roles, responsibilities and accountabilities

While TB and national SE policy set out the expectations for the various roles, responsibilities and accountabilities among the three areas involved in SE, opportunities exist to foster greater engagement amongst the key stakeholders involved in SE. There are benefits to using tools to clearly assign roles, responsibilities and accountabilities, including formal acceptance, among the various stakeholders involved. For example, using a visual tool would provide role clarification and promote a structured approach for stakeholders to follow when exercising their roles. In this way, management would ensure that all parties are involved in key SE processes at the appropriate time, which would in turn promote enhanced SE-related governance.

Monitoring and reporting

Previous audits documented the need for increased monitoring and reporting of SE activities at the divisional and national level. While one sampled division annually conducts fourto five management reviews that include an SE component, the remaining visited sites were not monitoring or reporting on their use of SE. Such reporting at the divisional level would assist in budget forecasting, and the development of performance metrics in relation to SE could be further explored by management. Without formal performance metrics in place, management's ability to assess or evaluate the effectiveness and efficiency of the use of SE and related controls is limited.

Consistent coding in TEAM results in reliable information for internal and external monitoring and reporting purposes. The sampled divisional SE Coordinators demonstrated a good understanding of the coding that should be applied for SE claims. The vast majority (91%) of sampled transactions were appropriately coded. Any errors observed were largely attributed to interpretation of SE coding definitions. While miscoding is insignificant from a financial statement perspective, increased consistency would allow for enhanced monitoring and reporting on the use of SE across the divisions. The SE Policy Centre has identified an interest in increasing monitoring and oversight of the specific SE general ledger codes by leveraging FP Resource Management & Administration's expertise in data analytics and trend analysis.

Segregation of duties

National SE policy states that SE Coordinators may not report directly to any manager who has exercised section 32 or 34 authority on a transaction for which they are exercising Endorsement of Payment Request authority.^{Footnote 9} In two of the four sampled divisions, the SE Coordinators reported to line officers who exercised section 32 or 34 authorities on 13 sampled transactions. As such, the review completed by the SE Coordinators in exercising their Endorsement of Payment Request authority did not maintain proper segregation of duties.

While additional resources or divisional restructuring may not be feasible to maintain segregation of duties, other mitigating measures could be considered to ensure that additional oversight over SE transactions is applied. For example, the Corporate Accounting, Policy and Control branch has proposed changes to the Delegation of Sensitive Expenditures Financial Signing Authorities Matrix (DSEFSAM) that may provide SE Coordinators with departmental and/or divisional authority. Applying this would allow another divisional SE Coordinator to exercise the Endorsement of Payment Request authority on SE claims when the segregation of duties issue is identified. There may be other options that stakeholders could and should explore to address this issue.

*

3.2 Policy and procedures

Established policy and procedures

The national SE policy was published in January 2011 and provides a framework for the use of SE in terms of financial, asset, materiel and real property management as well as procurement. While procedures established in the sampled divisions are consistent with current national policy, existing divisional policy supplements should be reviewed for relevance and alignment, and updated or removed accordingly.

Other beneficial policy enhancements include updates to reflect current unit and position titles, and to update links to other policy references. There are also opportunities for standard operating procedures to be developed and disseminated, including guidance on best practices, to inform SE Coordinators and other stakeholders in support of their SE responsibilities.

Document retention procedures

The Directed Annual Audit of Sensitive Expenditures 2011-2012 found that there was a risk that SE claims * were not being retained for the required period.* As such, there was a risk that documents would be destroyed when they should have been retained for a longer period of time *. This follow-up audit found that the retention issue has been addressed in the sampled divisions. The SE Coordinators made procedural changes regarding retention practices for SE claims *, and documents are now retained for the required period of time. SE policy would benefit from being updated to reflect the procedural changes to promote a consistent application across all divisions.

SE Coordinators were appropriately retaining all * ATI Act Section 16(1)(b) ATI Act Section 16(1)(b) ATI Act Section 16(1)(b)claims for six previous years plus the current year. Clarification is still required as current policy may lead users to interpret a retention period of only two years^{Footnote 10}, which would result in financial documents being destroyed earlier than they should be.

Policy compliance

High FAA compliance rates were observed for the sampled transactions. The vast majority (96%) of sampled transactions were pre-approved by a signatory with appropriate commitment authority (section 32), and certified by a signatory with appropriate certification authority (section 34). The non-compliant transactions related to specimen signature cards which were either not in TEAM, or were not active at the time of signing section 32 or 34. All sampled transactions had evidence of the Endorsement of Payment Request authority performed by the SE Coordinator. Notwithstanding, for reasons previously outlined, the quality and reliance which can be placed on these certifications varied.

It is incumbent on the user to be well-versed in and apply the spirit of relevant policies, including how the various TB exemptions can be applied. The majority of interviewed SE users indicated that they rely on their divisional SE Coordinator for policy interpretation. It was found that 98%^{Footnote 11} of the sampled transactions were compliant with relevant SE policy and all but one of the sampled transactions maintained the covert or discreet nature of the expenditure.* As was the practice in one division*

All sampled transactions demonstrated value-for-money through, for example, the inclusion of multiple quotes on the file (or referenced in the unit-level files). Moreover, all sampled transactions included an appropriate rationale that clearly articulated the need for the expenditure to be deemed sensitive, and 95% were consistent with what was originally planned and approved. The high compliance rates were largely attributed to the advisory role of the SE Coordinators as well as ongoing learning and awareness by various SE user groups. Applying the new form 1454 Request and Authority for Payment also contributed to the increased compliance rates.

New form 1454 Request and Authority for Payment

The SE Policy Centre developed the new form 1454 as part of a management action plan to address audit findings regarding compliance from the first SE audit. At the time, a project management plan was not formalized and its development has since spanned a number of years.^{Footnote 12} It remains a pilot project to allow SE users and SE Coordinators to adapt to new business processes brought about by the new form. The roll-out of the new form 1454 has been underway since January 2016, and the extent of implementation varies with most divisions having implemented it in selected units since spring 2016. The new form 1454 was designed with two goals in mind: to document pre-approval of all aspects of the transaction and to summarize all expenses with requisite details.

The new form 1454 incorporates many automated controls. It is designed to provide verification against the DSEFSAM and to identify position holders with appropriate signing authority for the transaction. Specific sections of the form must be completed before the user can proceed to a subsequent stage of the form (i.e.: pre-approval is required before proceeding to the reimbursement stage). Business rules are incorporated from various RCMP policies, including the Operational, Financial and Asset Management Manuals. Mathematical calculations are automated. In addition, the form minimizes duplication and data entry errors, as tombstone data entered by the user is automatically carried forward to subsequent stages of the form.

In the sampled divisions, users described challenges in adapting to the new form 1454 and the associated process. They indicated that the new form is lengthy and cumbersome to read and complete with ease. While the new form 1454 includes description boxes that outlinethe authorities and responsibilities of users and signatories, these descriptions are long and difficult to read. Numerous signatures are required throughout the different stages of the form to substantiate the expenditure process. This may dilute the importance of the sign-off, as the more times an individual is required to sign a document, the less likely they may be to pay attention to what they are signing. The new form 1454 is focused on the financial authorities rather than the justification or rationale for the expenditure. The rationale should document particulars about the transaction, including why the expenditure must be processed sensitively, the options that were considered and the decisions made throughout the process. Although all sampled transactions included an appropriate rationale that clearly articulated the need for the expenditure to be deemed sensitive, including the option for a more substantial rationale in the new form 1454 would promote consistency and might better demonstrate stewardship and accountability over SE.

While the new form 1454 is well suited for planned expenditures, interviewees stated that it is challenging to apply to unplanned operations that inherently require fluidity and nimbleness. In light of the expressed concerns, the SE Policy Centre should perform an in-progress assessment of the new form 1454 to determine whether it is working as intended, if errors have been reduced, if risk areas remain, and whether workarounds have been implemented by its users. A cost-benefit analysis could also be performed as part of the in-progress assessment. This analysis should examine the impact of the new form 1454 on workloads and whether there are redundancies to eliminate or efficiencies to be made. A risk-tolerance for applying the new form 1454 for unplanned expenditures or low-dollar amounts could also be considered. Options for such transactions could include the use of a modified form 1454 focusing on key control elements such as the rationale, and clearly identified section 32 and section 34 authorities.

An overall change management process regarding the new form 1454 is fundamental to its success. Firstly, from a design perspective, any changes to the DSEFSAM or to business rules from policy updates will have an impact on the complex automated controls that are embedded in the form. Secondly, from a process perspective, there is a need to ensure that users are trained and that an effective communication strategy exists for applying the process using the new form 1454. While the impact of the new form 1454 has not been fully assessed by the SE Policy Centre, there are indications from both the SE Policy Centre and the divisions that the workload will increase once fully implemented.

3.3 Human resource management

Divisional SE Coordinators

SE Coordinators perform a post-review of SE transactions and exercise Endorsement of Payment Request authority to provide assurance to financial officers when they exercise section 33 payment authority. Following a recommendation from the first SE audit, all divisions established and staffed SE Coordinators. However, the number of positions staffed and the category of employee varies considerably across the divisions.

For example, in three sampled divisions, one full-time employee occupied the SE Coordinator position. In two of these divisions, it was a public servant position, and in the third, it was a regular member position. A fourth division employed one regular member and four public servants in the SE Coordinator unit. This provided a balance of operational knowledge and expertise, as well as the administrative and financial experience and stability associated with employing public servants. The benefits of having both categories of employee in the SE Coordinator position should be considered in divisional staffing models.

The SE Coordinator position is a key control function in proper account verification, and is heavily relied on by financial officers when exercising section 33 payment authority. Accordingly, succession planning for these positions should be an ongoing consideration. Our examination found no evidence that succession planning is currently being considered.

SE-related training

Two recommendations from the first SE audit related to training. At the time, FP and the Chief Human Resources Officer were responsible to ensure that SE-related training was created and provided to all SE Coordinators in a timely manner and included in operational and supervisory training where appropriate. A formalized SE training program remains to be developed and SE-related training has not been included in relevant operational and supervisory training programs, including training for the officer cadre. There may be opportunities to include SE training in existing courses, thereby reducing the required resourcing associated with developing a standalone SE training program. While management's efforts to address these recommendations led to the development of the new form 1454, opportunities remain regarding the original intent of the recommendations and management action plans.

National SE policy specifies that FP is responsible for ensuring the appropriate training of SE Coordinators,^{Footnote 13} CM&C is responsible for ensuring the appropriate training of SE Coordinators with respect to financial and administrative requirements,^{Footnote 14} and the divisions are responsible for ensuring the hiring of SE Coordinators who are appropriately trained.^{Footnote 15}

Previous SE audits reported that no formalized SE-related training is offered to SE Coordinators, users or supervisors. Instead, they primarily learn how to perform their duties on-the-job, from their predecessors and colleagues. The same holds true at the time of this follow-up audit. Accordingly, improvements could be made by FP and CM&C to deliver on their SE-related training responsibilities.

Recently, the SE Policy Centre delivered workshops to divisional SE Coordinators and select users and supervisors regarding the implementation of the new form 1454. The training session's content was geared towards explaining the design of the new form 1454 and how it relates to the SE process. The SE Policy Centre sought input and feedback from relevant business lines during the forms' development; however, no other business line was involved in the development or delivery of the training session. Delivery of the training session was dependent on prioritization by the division as it was provided only when a requesting division had the funds to bring the SE Policy Centre representatives to their division. In the future, the SE Policy Centre has considered developing an online course for accessible SE-related training; however, this initiative remains in a conceptual stage.

While CM&C is responsible for training SE Coordinators with respect to their financial and administrative requirements, they have not been engaged in facilitating such training. Of the sampled divisions, E Division was the only division providing SE-related training to new unit commanders and those units identified as requiring an update or refresher on SE processes or use.^{Footnote 16} Also, there is still no SE-related training for SE supervisors that outlines the additional safeguards or responsibilities to be aware of when exercising section 32 or 34 authorities over SE transactions. Interviewees in all sampled divisions indicated that additional training would be beneficial and would serve to promote a comprehensive understanding of the signatories' responsibilities for exercising section 32 and 34 authorities regarding the use of SE.

Notwithstanding the high compliance rates that were noted from the sampled transactions, developing and offering formalized SE training is considered a best practice to mitigate the inherent high-risk nature of SE transactions. *

Tools and guidance

In the absence of formalized training, SE-related tools and guidance for SE coordinators and users should be developed and disseminated. As previously mentioned, SE users are not well-versed in the relevant policies and rely on their divisional SE Coordinators for policy interpretation. Development of best practice guidance would be beneficial in this regard and would ensure that business practices are consistently applied and risk-managed.

*

Communication amongst stakeholders

Opportunities exist to improve communication between CM&C and divisional counterparts to minimize operational impacts when policies and procedures change. * When asked, NHQ Corporate Accounting was aware of the issue and had developed a Communiqué that was sent to divisional Accounting Services for dissemination to stakeholders.* However, these procedural updates had not been provided to users in the field.

In previous audits, most SE Coordinators indicated having minimal contact with the SE Policy Centre, but this follow-up audit observed improved communication between them. The interviewed divisional SE Coordinators indicated they communicate as required with the SE Policy Centre on issues requiring clarification, and most communicate directly with users and/or supervisors in order to resolve SE claim-related issues. The new form 1454 has been a regular topic of discussion between the divisions and SE Policy Centre. These discussions range from feedback regarding the increased workload, to the impact of form changes on current business practices. Notwithstanding, opportunities exist to enhance communication and information sharing.

3.4 Financial and asset management

Management of covert assets

The management of covert assets * is important to ensure sound stewardship of resources. While national SE policy requires the * they only maintain records for the assets that they manage. When covert assets are procured by a unit, the covert asset records are maintained at the unit-level. As a result, a consolidated divisional record of covert assets does not exist, and the covert asset records that were reviewed as part of this audit did not provide adequate visibility regarding all covert assets in the sampled divisions. An assessment of covert asset records held at the unit level was not performed by the audit team. Additionally, in the absence of a consolidated record regarding divisional covert assets, controls that should be in place surrounding the tracking of assets from acquisition, usage, transfer, surplus and disposal were not observed or tested as part of this audit.

The first SE audit reported that most of the divisions and units visited had their own inventory tracking systems for covert assets. These systems were independent of each other and were not accessible by other units or divisions. This audit further noted that covert assets *

This follow-up audit again observed an absence of national or division-wide visibility over covert assets. Without proper management, there is an increased risk that covert assets may be acquired in duplicate, may not be fully utilized, * As a mitigating measure, * in the sampled divisions indicated that *acquired using SE. This practice maximizes the use of covert assets, and promotes stewardship and fiscal responsibility. Notwithstanding, the lack of a division-wide perspective could be an issue if a division, or the RCMP as a whole, were required * While this information may be available, considerable effort would be required to compile it.

Consultation with the divisions would be beneficial to determine what is important for national visibility and oversight of covert assets. This information should be recorded and tracked to facilitate informed decision-making. Use of a common inventory management system for covert assets would facilitate oversight with regards to asset acquisition, maintenance, disposal and overall inventory control. While recognizing the exemptions from TB directives and policies, an inventory management framework for covert assets should be consistent with the spirit and principles of conventional asset management. Building and maintaining an inventory record is a necessary first step in managing national assets. Management should consider whether the * or other form(s) of covert asset record management system, will be used in this regard.

*

Asset Inventory Control

The new form 1454 includes the 1454-Asset Inventory Control, intended to streamline the records management process when a covert asset is acquired. It was designed to be sent to the *, who is responsible for updating the divisional covert asset records, and to the * Administrator at NHQ for * record entry. In doing so, the 1454-Asset Inventory Control promotes the completeness of covert asset acquisitions at the divisional and national level when it is used as intended.

However, in one sampled division where the new form 1454 was fully implemented, the 1454-Asset Inventory Control was not utilized as intended. Instead, it was filed without further action along with the remainder of the SE claim in the SE Coordinator's office. When asked, the SE Coordinators indicated that they were not informed of the aforementioned process, and assumed that claimants had already forwarded the 1454-Asset Inventory Control to the appropriate individuals for inventory tracking prior to sending it to the SE Coordinators for review. Although unit-level inventory records may have been updated, it is clear that * was not updated using the 1454-Asset Inventory Control. A communication strategy regarding the design and use of this aspect of the new form 1454 would promote the completeness of divisional and national covert asset records.

Completeness of file records

In consideration of the inherent risk relating to the use of SE, strong records management practices were expected. However, in one sampled division, 5 of 24 sampled files could not be located by the SE Coordinator. Certain elements were also not provided for two of the remaining 19 sampled files. This is an indication of deficiencies in record management in this division.

As a mitigating measure in relation to the completeness of files, all SE claims are reviewed by the divisional SE Coordinators, and finance officers will not exercise payment authority pursuant to section 33 without the SE Coordinator's sign-off of Endorsement of Payment Request authority. As the missing and incomplete sampled files were selected from completed transactions posted in TEAM, which would have entailed the specific review of expenditures by the SE Coordinator and their corresponding sign-off of Endorsement of Payment Request authority, it is apparent that the account verification process was carried through.* Based on the audit team's site visits in the sampled divisions and at NHQ, the missing and incomplete files are not indicative of a pervasive issue with respect to overall records management across the divisions. Accordingly, the specific records management issue identified was raised with the relevant division's senior management for corrective action.

4 Conclusion

The audit concludes that the management action plans associated with the four previous SE audits have, for the most part, addressed the risks and control weaknesses identified in those audits. The original 19 audit recommendations were centered on governance, roles and responsibilities, compliance, and monitoring and reporting.^{Footnote 17} Still, opportunities for improvement remain in these areas.

While the sampled SE transactions were generally compliant with policy, opportunities for improvement remain regarding: the overall governance regarding the use of SE; updates to and maintenance of SE policy; the development of training, tools and guidance for SE Coordinators and SE users; and the overall management of covert assets. An in-progress assessment of the new form 1454 would also be beneficial to determine whether the new form is working as intended, if errors have been reduced, if risk areas remain, and whether workarounds have been implemented by its users.*

5 Recommendations

1. The Deputy Commissioner Federal Policing, in coordination with the Chief Financial and Administrative Officer, and in consultation with the divisions, should enhance overall governance over sensitive expenditures (SE) by further clarifying and documenting the roles, responsibilities and accountabilities among all parties involved in key SE processes and updating SE policy accordingly.
2. *
3. The Deputy Commissioner Federal Policing should perform an in-progress assessment of the new form 1454 to determine whether it is working as intended, errors have been reduced, and whether risk areas remain.
4. The Deputy Commissioner Federal Policing, in coordination with the Chief Financial and Administrative Officer should formalize the delivery of training for stakeholders involved in SE, notably the SE Coordinators, SE users and SE supervisors.
5. The Deputy Commissioner Federal Policing should consult with divisional Criminal Operations officers to determine information elements that are important for divisional and national visibility and oversight of covert assets, and record and track these centrally in the * or alternative solution.

Appendix A – Audit objective, lines of enquiry and audit criteria

Audit Objective:

To assess whether the implementation of the management action plans associated with the four previous audits has addressed the risks and control weaknesses identified in those audits, and whether any new risks have emerged.

Lines of Enquiry:

1. Status of management action plan implementation:
   • Management action plans have been implemented as originally specified or as subsequently amended and approved.
2. Validation of risks being addressed:
   • Corrective actions implemented as identified in the management action plans appear to have addressed the risks related to the previous findings / observations.

Audit Criteria:

1. Governance:
   • Effective oversight mechanisms are established to manage the use of SE.
2. Policy and Procedures:
   • Policies and procedures for SE are established, relevant, aligned, maintained, clearly communicated and followed.
3. Human Resource Management:
   • Key positions and activities are identified and are adequately staffed.
   • Employees are provided with the necessary training, tools and guidance to facilitate their use of SE.
4. Financial and Asset Management:
   • File records are complete and accurate; and related SE are approved and processed in accordance with relevant policy.
   • The national inventory management system for covert assets is developed, deployed, maintained and used by National Headquarters and in the divisions.
   • Assets, including information technology and systems, are life-cycle managed and protected.

Appendix B – Current status of previous audits' action plans

The following table summarizes the original audit recommendations, related findings and remaining concerns identified in this follow-up audit.

Survey of Policing Partners and Stakeholders 2019-2020

The RCMP's Survey of Policing Partners and Stakeholders includes general questions evaluating the RCMP, as well as more specific questions about the RCMP business lines with which they work (e.g., Federal Policing, Contract and Indigenous Policing, Technical Operations). There were 742 respondents.

Policing partners and stakeholders are representatives of other police services and government agencies and departments the RCMP works with, as well as non-governmental organizations which have a strong interest in RCMP activities, such as civil liberties associations and legal organizations.

Notes

• Data was collected between January 28, 2020 and March 16, 2020
• Questions were answered on a 5-point scale and summarized to agree/neutral/disagree to facilitate review
• Percentages exclude those who replied "don't know" or "no opinion"
• Percentages may sometimes not add to 100 due to rounding
• For new questions in 2019-20, cells are greyed out for previous years
• Results that went up in 2019-20 are highlighted in green, those that went down are highlighted in pink

Sondage auprès des partenaires policiers et des intervenants de 2019-2020

Le Sondage auprès des partenaires policiers et des intervenants comprend des questions générales visant à évaluer la GRC et des questions précises sur les secteurs d'activité de la GRC avec qui ils travaillent (p. ex. Police fédérale, Services de police contractuels et autochtones, Opérations techniques). Au total, 742 personnes ont répondu au sondage.

Les partenaires policiers et les intervenants sont des représentants d'autres services de police et d'organismes et ministères gouvernementaux avec lesquels la GRC collabore et d'organisations non gouvernementales pour qui les activités de la GRC présentent un grand intérêt, comme les associations des libertés civiles et les organisations juridiques.

Notes

• Les données ont été collectées entre le 6 février 2020 et le 16 mars 2020
• Les questions ont été répondues sur une échelle à cinq point et résumées à d'accord, neutre et en désaccord pour en faciliter le revue
• Les pourcentages listés n'incluent pas les réponses "Ne sais pas" ou "Sans opinion"
• Les pourcentages ne s'additionnent pas toujours à 100 % dû à l'arrondissement des chiffres
• Pour les nouvelles questions ajoutées 2019-2020, les cellules des années précédents ont été grisées
• Les résultats qui on monté en 2019-2020 sont surlignés en vert et ceux qui ont descendu sont surlignés en rose

Sondage auprès des partenaires contractuels de 2019-2020

Le Sondage auprès des partenaires contractuels est mené auprès des maires, des dirigeants autochtones et de représentants du gouvernement local, provincial et territorial responsables des contrats avec la GRC pour leur territoire de compétence respectif. Au total, 688 personnes ont répondu au sondage.

Notes

• Les questions ont été répondues sur une échelle à cinq point et résumées à d'accord, neutre et en désaccord pour en faciliter le revue
• Les pourcentages listés n'incluent pas les réponses "Ne sais pas" ou "Sans opinion"
• Les pourcentages ne s'additionnent pas toujours à 100 % dû à l'arrondissement des chiffres
• Pour les nouvelles questions ajoutées 2019-2020, les cellules des années précédents ont été grisées
• Les résultats qui on monté en 2019-2020 sont surlignés en vert et ceux qui ont descendu sont surlignés en rose

Survey of Contract Partners 2019-2020

The Survey of Contract Partners is a survey of mayors, Indigenous leaders, as well as local, provincial and territorial government representatives who are responsible for RCMP contracts within their respective jurisdictions. There were 688 respondents.

Notes

• Data was collected between February 6 and March 16, 2020
• Questions were answered on a 5-point scale and summarized to agree/neutral/disagree to facilitate review
• Percentages exclude those who replied "don't know" or "no opinion"
• Percentages may sometimes not add to 100 due to rounding
• For new questions in 2019-20, cells are greyed out for previous years
• Results that went up in 2019-20 are highlighted in green, those that went down are highlighted in pink

Canadians’ Views of RCMP Policing Services 2019-2020

Canadians' Views of RCMP Policing Services is a public opinion survey of adult residents of Canada, with a focus on areas policed by the RCMP. A random sample of respondents (1,317 by phone and 1,671 online) was allocated to the 14 divisions of the RCMP, with 70% of the sample drawn from areas where the RCMP is the police service of jurisdiction.

Contact with the RCMP

Notes

• Results in this table are the overall results (combination of online panels and telephone interviews)
• Data was collected on January 10-27, 2020
• Percentages exclude those who replied "don't know" or "no opinion"
• Results are "weighted" - they are adjusted so that age, gender, and region better match the Canadian population
• For new questions, cells are greyed out for previous years

Sondage d’opinion des citoyens canadiens sur les services de police de la GRC de 2019-2020

Le Sondage d'opinion auprès des citoyens canadiens sur les services de police de la GRC consiste à sonder l'opinion des Canadiens adultes, plus particulièrement dans les régions où la GRC assure des services de police. Un échantillon de répondants (1 317 par téléphone at 1 671 en ligne) était réparti entre les 14 divisions de la GRC, 70 % de cet échantillon provenant de ces régions.

Contact avec la GRC

Notes

• Les résultats dans les tableaux ont été obtenus en utilisant une combinaison de réponses par téléphone et en ligne
• Les données ont été collectées du 10 au 27 janvier 2020
• Les pourcentages listés n'incluent pas les réponses "Ne sais pas" ou "Sans opinion"
• Les pourcentages ne s'additionnent pas toujours à 100 % dû à l'arrondissement des chiffres
• Les résultats sont pondérés - ils sont ajustés pour que l'âge, le genre et la région soient plus représentatifs de la population canadienne
• Pour les nouvelles questions ajoutées 2019-2020, les cellules des années précédents ont été grisées

Internal Audit, Evaluation and Review – Internal Audit Performance Results

Internal Audit, Evaluation and Review (IAER) publishes the performance results of its Internal Audit (IA) function, as required by the Directive on Internal Audit. This helps ensure that that the public is aware that heads of government organizations are receiving assurance and that activities are managed in a way that demonstrates responsible stewardship. The Treasury Board of Canada Secretariat's website provides additional information on why we publish key compliance attributes for internal audit.

Last updated: December 31, 2022

Date de modification :

1969-12-31