Auditor-General Karen Hogan speaks about the ArriveCAN app during a news conference in Ottawa on Feb. 12.Adrian Wyld/The Canadian Press
Auditor-General Karen Hogan said she found a “glaring disregard” for basic management practices as the cost of the federal government’s ArriveCan app for international travellers grew to an estimated $59.5-million.
In a report released Monday, Ms. Hogan also concluded that IT staffing firm GCStrategies was directly involved in setting narrow terms for a $25-million contract it ultimately won.
The audit report was produced in response to a motion approved in the House of Commons in November, 2022, shortly after The Globe and Mail first revealed that the cost of the pandemic-era app for international travellers had climbed to at least $54-million.
The Auditor-General found federal departments spent about $59.5-million on outsourcing work with private contractors, but Ms. Hogan said the lack of clear records of spending and decisions means the true cost could be higher or lower.
The report questions why Canada Border Services Agency officials approved invoices and time sheets from contractors in cases where “details of work performed were often missing.”
“Overall, this audit shows a glaring disregard for basic management and contracting practices throughout ArriveCan’s development and implementation,” Ms. Hogan said at a news conference after the tabling of her report.
The ArriveCan app was built quickly and launched in April, 2020, the month after the World Health Organization declared a global pandemic owing to COVID-19. The agency spent just $80,000 to create the initial version of the smartphone app. As health advisories changed, the app required numerous updates, including allowing Canadian travellers to upload their mandatory vaccination status records, which the agency said contributed to the escalating cost.
During the summer of 2022, technical problems led the app to send erroneous orders to more than 10,000 Canadians to quarantine under threat of heavy fines. An investigation by Privacy Commissioner Philippe Dufresne concluded last year that the situation violated the Privacy Act.
The app is no longer mandatory but continues to exist as an option for travellers at the border.
Ms. Hogan said the pandemic cannot be used as an excuse for a persistent lack of proper record keeping to explain spending decisions, a situation she described as unprecedented during her decades of working as an auditor.
“I will tell you that this is probably some of the worst financial record keeping that I’ve seen,” she said.
The Canada Border Services Agency said it accepts the Auditor-General’s recommendations, which include improving the documentation of interactions between officials and private vendors and greater oversight of contracting decisions.
The agency said it is launching a new contract review board to review and approve contracts and the specific task authorizations that flow from contracts for general services.
A breakdown of spending directed to private contractors shows significantly more money went to GCStrategies for ArriveCan than had been disclosed. The CBSA previously said the IT staffing company received about $11-million for work on ArriveCan. The Auditor-General says the total was $19.1-million, followed by $7.9-million to Dalian Enterprises Inc. and $7.9-million to Amazon Web Services Inc.
Both GCStrategies and Dalian told MPs during parliamentary hearings that they each have just two employees. They describe themselves as IT staffing companies that win contracts and then find subcontractors to perform the work in exchange for commissions.
Kristian Firth, the managing partner of GCStrategies, told MPs he typically charges a commission of between 15 per cent and 30 per cent of the contract value.
He also said he and his business partner Darren Anthony work from home, have no standalone office and do not perform IT work themselves.
MPs have heard dramatic testimony from senior public servants who publicly accused each other of lying about who was ultimately responsible for selecting GCStrategies to work on ArriveCan.
A failure of management, 'glaring disregard' for policies, controls and transparency and dismal efforts to track spending drastically drove up the cost of the much-maligned ArriveCan app, Auditor-General Karen Hogan said on Feb. 12. The app met with frustration from travellers and the opposition Conservatives, who blamed the app for long waits at the airport and glitches that ordered fully vaccinated people to quarantine.
The Canadian Press
Ms. Hogan’s report said her team was not able to answer that question.
“We found that the agency had little documentation to support how and why GCStrategies was awarded the initial ArriveCan contract through a non-competitive process. We also found that GCStrategies was subsequently involved in the development of the requirements that the agency ultimately included in the request for proposal for its competitive contract,” the report states.
The Auditor-General was on the verge of wrapping up her report late last year but extended the study after The Globe published new information in October. The Globe revealed that Montreal software company Botler, which had performed work for the border agency, had filed a formal complaint to the CBSA leadership in November, 2022, that made several allegations, including that the Botler co-founders’ résumés had been inflated during the contracting process.
The issues Botler raised centred on layers of subcontracting that hid key details about who was getting paid for what, and cozy ties between private staffing firms and the public servants who hire them. Botler did not work on ArriveCan, but the co-founders interacted with private contractors and public servants who did and the Botler project traces back to the same large contract for IT services that was also used for ArriveCan.
Botler’s concerns were particularly focused on its interactions with Mr. Firth, who initially reached out to the software company on behalf of the CBSA.
After receiving the complaint, the CBSA launched internal audits and reviews and referred the allegations to the RCMP. The RCMP have said they are investigating the allegations but have not said they are investigating ArriveCan specifically.
Ms. Hogan told MPs in October that she only learned of the RCMP investigation by reading about it in The Globe.
In Monday’s report, the Auditor-General raised concerns about interactions between public servants and private vendors but said she did not investigate Botler’s specific allegations because of the continuing CBSA and RCMP investigations.
Ms. Hogan told reporters she reserves the right to examine the matter further if the results of the CBSA internal review are not considered to be satisfactory.
“When it comes to matters that may be criminal in nature, I am not the expert in that area. That is really the RCMP, and that’s a question and a decision for them to debate,” she said.
Monday’s report said the audit found situations where border agency employees who were involved in the ArriveCan project were invited by vendors to dinners and other activities. It notes that the CBSA’s code of conduct requires employees to advise their supervisors of all offers of gifts or hospitality regardless of whether the offer or gift was accepted.
“We found no evidence that these employees informed their supervisors as required,” the report says.
Conservative Leader Pierre Poilievre, who introduced the 2022 motion that requested the audit, said the report shows Prime Minister Justin Trudeau’s Liberal government does not respect the value of tax dollars paid by Canadians.
“While Trudeau says he doesn’t have enough money to scan those shipping containers that are taking your car that’s been stolen and sending it off to the rest of the world, the very same department that is responsible for our borders and our ports took $60 million dollars or more for the ‘Arrive scam,’” he said.
Late last month, Procurement Ombudsman Alexander Jeglic released a report into ArriveCan. He found that outsourcing companies repeatedly won contracts by listing subcontractors who ultimately did no work.
That report also said the government used criteria that “were overly restrictive and favoured” GCStrategies, resulting in the company winning a $25-million general IT services contract after no other bids were submitted.
Michel Lafleur, the head of the CBSA’s internal investigation into Botler’s allegations, provided agency president Erin O’Gorman with a preliminary statement of fact on Dec. 19. Ms. O’Gorman has told MPs that she shared that report with the heads of Health Canada and the Canada Revenue Agency.
Then, in January, Health Canada assistant deputy minister Cameron MacDonald and CRA director-general Antonio Utano were suspended without pay in connection with the CBSA’s review of misconduct allegations.
The two men previously worked together on ArriveCan at the CBSA and interacted with Mr. Firth of GCStrategies. They deny any wrongdoing. Through their lawyer, they say they are being targeted because they publicly criticized their former superiors at the CBSA.
Ms. O’Gorman provided MPs with documents showing that Mr. Firth invited Mr. MacDonald, Mr. Utano and a few other agency officials to a virtual “ArriveCan Whisky Tasting” and to off-site meetings at various breweries and restaurants.
Monday’s Auditor-General report said that while the review could not determine who selected GCStrategies, it found the related contract requisition document was signed by a CBSA executive director. Ms. Hogan told reporters that was a reference to Mr. Utano.
“In my view, when a public servant signs a form like that and exercises their delegation of authority, it comes with responsibility and accountability,” she said.
MPs on the government operations committee were provided confidential copies of the CBSA’s preliminary report, which has not been made public. Liberal MP and committee vice-chair Majid Jowhari described the report’s contents as “scary” and said further hearings could compromise the investigations under way, which would be a disservice to justice.
Chris Spiteri, a lawyer representing Mr. MacDonald and Mr. Utano, has previously said Mr. Lafleur’s preliminary report is “nothing but a heap of baseless accusations supported by manipulated cherry picked emails and calendar entries.”
Public Safety Minister Dominic LeBlanc said he accepts the findings and is confident the CBSA will address them.
“We take the obligation to manage taxpayers’ money very seriously. Under no circumstances would we condone what the Auditor-General determined to be contracting practices that did not follow the rules, and anybody who did not will be held to account,” Mr. LeBlanc said during Question Period.
Procurement Minister Jean-Yves Duclos told reporters that early 2020 was a challenging time because of the pandemic.
“That’s no reason for such a lack of information, such a lack of accountability on the part of contractors and public servants. So we take full appreciation of that and have started to act,” he said.