A person uses the ArriveCan app in 2024. On Oct. 22, Auditor-General Karen Hogan announced an audit of GCStrategies, the main contractor on the ArriveCan app.Laura Proctor/The Globe and Mail
Auditor-General Karen Hogan is launching a new audit focused specifically on spending and contracts tied to GCStrategies, the two-person IT company that was the primary contractor on the ArriveCan app.
Ms. Hogan described the audit in a letter to House of Commons Speaker Greg Fergus, pointing to the fact that the House of Commons unanimously approved a report last month by the government operations committee asking her to conduct such work.
“We wish to inform the House that we will conduct a performance audit,” she wrote, according to a copy of the letter obtained by The Globe and Mail. “We are in the process of gathering information that will allow us to properly scope and plan the audit based on our mandate and available resources. Our scope may be affected by document retention policies, as some relevant information may no longer be available.”
The audit marks the second time the Auditor-General will be scrutinizing spending that includes ArriveCan costs, adding to the more than a dozen investigations and reviews that have been launched with a connection to the app. Since The Globe began reporting on how the government’s reliance on contracts with staffing firms that subcontract technology work caused ArriveCan costs to balloon, issues related to the app have spurred committee hearings, investigations by watchdog agencies and RCMP probes.
Opinion: McKinsey, ArriveCan are just the tip of a rotten iceberg of government outsourcing
Meanwhile, Canada Border Services Agency president Erin O’Gorman sent a letter to the government operations committee stating that some deleted e-mails of the agency’s former vice-president Minh Doan, a key figure in the ArriveCan saga, cannot be retrieved.
The Auditor-General released a report in February that found a “glaring disregard” for basic management practices with respect to the government app for cross-border travellers launched at the onset of the pandemic.
The original version of the app cost $80,000 but the Auditor-General said the price grew over time to $59.5-million.
The federal government relied heavily on outsourcing for the project and GCStrategies has said it then subcontracted all of the IT work to others – sometimes including large multinational companies – while collecting a commission of between 15 and 30 per cent of the contract values.
The government’s relationship with GCStrategies was singled out for criticism in that report, saying the company was awarded the initial ArriveCan contract through a non-competitive process and then later won a much larger contract that included some ArriveCan work after being involved in the development of the government’s contracting requirements.
Over the past 13 years, GCStrategies has received 105 government contracts with a combined total value of $100.3-million.
Members of Parliament on two committees have been probing the events related to ArriveCan for months and have yet to receive a definitive answer as to who specifically in government made the decision to select GCStrategies.
Former senior officials at the CBSA, which led the app project, have repeatedly pointed fingers at each other in parliamentary hearings.
Mr. Doan, a former CBSA vice-president, has maintained that he chose from two high-level options, selecting a mix of in-house and outsourced workers over a fully outsourced plan proposed by Deloitte. Mr. Doan said his team selected GCStrategies.
Two former CBSA officials who worked under Mr. Doan, Cameron MacDonald and Antonio Utano, have told MPs that it was Mr. Doan who selected GCStrategies.
Mr. MacDonald and Mr. Utano are currently suspended with pay. They are the subject of an internal investigation that documents show is focused on their interactions with GCStrategies managing partner Kristian Firth.
Mr. Doan told MPs in June that some of his e-mails were corrupted when he attempted to move files from an old laptop to a new laptop. He said all of his e-mails are backed up on Shared Services Canada servers.
The government operations committee then asked the CBSA to provide all backup copies of Mr. Doan’s deleted e-mails from his time at the agency as well as all text messages between Mr. MacDonald and Mr. Doan, from 2018 to present.
But in an Oct. 18 letter to the government operations committee, the CBSA president said Mr. Doan’s e-mail account was deleted after he left the CBSA to join the Treasury Board.
“The Agency further verified with Shared Services Canada that there were not backup files accessible following the account deletion,” Ms. O’Gorman wrote.
CBSA spokesperson Guillaume Bérubé said the letter only refers to deleted e-mails. The agency said many of Mr. Doan’s e-mails have already been shared with the committee and more will be sent once they are translated.
“Deleted e-mail backups are only kept on the server for 30 days,” Mr. Bérubé said.
The letter says the agency does not have access to the requested text messages and pointed to a recent ruling of the Access to Information Commissioner referencing a government policy that says instant messages that do not have business value are deemed transitory and should be deleted as soon as possible. It also said employees are responsible for saving any text messages that are not transitory in another format.
The letter says Mr. Doan’s and Mr. MacDonald’s phones were both wiped of all data when they left the agency, in line with federal policies.