Language selection

Government of Canada / Gouvernement du Canada

Search

Audit of Procurement

Table of Contents

Executive summary

Following the Prime Minister’s tasking in January 2023 to undertake a review of contracts awarded to McKinsey & Company, the Public Service Commission of Canada (PSC) decided to conduct an audit of the procurement process to assess compliance with existing directives and policies. The internal audit team reviewed 4 contracts completed between 2012 and 2018 with a total dollar spending amount of $414,030 (CON16-1101, CON18-0039, D1124-12-0040 and CON14-1048).

Audit objective 1:The integrity of the procurement process was maintained and the process adhered to the Values and Ethics Code for the Public Sector and the Directive on Conflict of Interest

Criterion 1: Public servants and public office holders ensure that the integrity of the procurement process is maintained, consistent with the values and ethics code and the directive.

Audit assessment: Compliant

Rationale for assessment: We found no evidence that public servants demonstrated behaviours that would contravene the values and ethics code and the directive.

Criterion 2: Contracting with former public servants and former public office holders is performed with integrity in accordance with the Directive on Conflict of Interest, the Conflict of Interest Act and procurement policy instruments.

Audit assessment: Compliant

Rationale for assessment: There was no indication that any of the consultants were former public servants or former public office holders.

Audit objective 2: The procurements were conducted in a fair, open and transparent manner, consistent with the policy in place at the time (Contracting Policy or the Directive on the Management of Procurement)

Criterion3: Procurement (non-competitive): There is documentation to support the justification for non-competitive procurement contracts in accordance with section 6 of the Government Contracts Regulations.

Audit assessment: Partially compliant

Rationale for assessment: There is documentation to support the justification for non-competitive procurement contracts. It cannot be determined whether the statements of work were defined before vendor selection because the statements of work are not dated. While supporting documentation details what services were included in the price, there is no evidence that rates were compared with other firms in the industry.

Criterion 4: Procurement (competitive): Bid evaluation criteria were provided on request for proposal documents, and were used for contractor selection in an open, fair and transparent manner.

Audit assessment: Compliant

Rationale for assessment: Section 32 was performed by individuals with delegated authority. The statement of work and evaluation criteria were defined, written in an open, fair and transparent manner, and were challenged by the contracting authority.

Criterion 5: Contract Management: Contracts and contract amendments were approved before any services were received or before the original contract expired. There is also oversight to monitor performance and ensure that services delivered meet the contract provisions in terms of quality, standards and service levels.

Audit assessment: Partially compliant

Rationale for assessment: Copies of contracts retained were not signed by all parties. It cannot be determined whether contract amendments were issued before services were received because there is no evidence of when services were received. Contract amendments were justified and substantiated. For all contracts, there is limited evidence of oversight to monitor the vendor’s work and performance to ensure that the services delivered met contract provisions in terms of quality, standards and service levels.

Criterion 6: Certification Authority (section 34): Certification authority is performed by someone with the delegated authority to do so, is accomplished in a timely manner and verifies the correctness of the payment requested (section 34 of the Financial Administration Act).

Audit assessment: Partially compliant

Rationale for assessment: There was no evidence that certification authority was performed by the appropriate delegated authority. Evidence that expected deliverables were received was not on file.

Criterion 7: Proactive Disclosure: Contracts, including amendments, valued at over $10,000 meet minimum proactive disclosure requirements.

Audit assessment: Partially compliant

Rationale for assessment: All contracts, but not all contract amendments, were found to be proactively disclosed.

Audit objective 3: Procurements were conducted according to the organization’s internal processes and control frameworks

Criterion 8: Procurements are conducted according to departmental internal processes and control frameworks.

Audit assessment: Partially compliant

Rationale for assessment: We found no evidence that procurements were not conducted according to departmental internal processes and control frameworks. However, little information about processes and controls was provided. During the audit, several documents that were required to be retained were not found on file.

Introduction

Background

Procurement in the Government of Canada is subject to the Directive on the Management of Procurement, which aims to ensure that procurement of goods, services and construction obtains the necessary assets and services that support the delivery of programs and services to Canadians, while ensuring best value to the Crown. Procurements are expected to:

Before May 13, 2022, procurement was subject to the now rescinded Contracting Policy.

At the Public Service Commission of Canada (PSC), procurement processes have not been subject to recent audits.

On January 11, 2023, the Prime Minister tasked Minister Fortier, as President of the Treasury Board, along with Minister Jaczek, Minister of Public Services and Procurement, to undertake a review of contracts awarded to McKinsey & Company (McKinsey). A total of 10 federal departments entered such contracts with McKinsey. The Office of the Comptroller General of Canada directed the chief audit executives of these organizations to conduct a formal independent internal audit of the related procurement processes.

Other than McKinsey, the companies forming the “Big 4”, the 4 largest financial audit and consulting firms in the world, have also been awarded contracts by federal government departments. The “Big 4” consists of Deloitte, Ernst & Young, KPMG and PricewaterhouseCoopers. Previously, they were referred to as the “Big 5” because Accenture was included. The PSC did not award contracts to McKinsey between January 1, 2011, and February 7, 2023. However, it did award 8 contracts to 3 of the 5 “Big 5” companies in the amount of $555,291.

For additional context, between 2011 and 2023, the PSC signed contracts for a total value of $73,738,736. More work would be required to provide a more comprehensive understanding of the gaps and risks of the PSC’s overall procurement process.

Audit objectives and scope

The objectives of the audit were to determine the following for scoped-in contracts:

  1. The integrity of the procurement process was maintained, consistent with adhering to the Values and Ethics Code for the Public Sector and the Directive on Conflict of Interest.
  2. Procurements were conducted in a fair, open and transparent manner, consistent with the Treasury Board policy in place at the time (Contracting Policy or the Directive on the Management of Procurement).
  3. Procurements were conducted in a manner consistent with the organization’s internal processes and control frameworks.

The scope of this audit focused on examining procurement practices for all competitive and non-competitive contracts with the Big 5 firms that were awarded by the PSC between January 1, 2011, and February 7, 2023.

A total of 8 contracts were awarded to 3 of the Big 5 firms:

Deloitte

  1. D1124-11-0128 (records destroyed)
    • 2011/02/06 to 2013/03/04
    • Contract amount (including amendments): $68,867
  2. D1124-12-0040
    • 2012/12/09 to 2018/03/04
    • Contract amount (including amendments): $196,727
    • Multi-departmental contract
  3. CON12-1052 (records destroyed)
    • 2012/06/27 to 2012/12/31
    • Contract amount (including amendments): $24,991
    • Competitive contract

KPMG

  1. CON11-1306 (records destroyed)
    • 2012/01/10 to 2012/03/31
    • Contract amount (including amendments): $24,408
    • Sole source
  2. CON11-1368 (records destroyed)
    • 2012/03/08 to 2012/03/31
    • Contract amount (including amendments): $22,995
    • Sole source
  3. CON16-1101
    • 2017/01/18 to 2017/03/31
    • Contract amount (including amendments): $24,576
    • Sole source

PricewaterhouseCoopers

  1. CON14-1048
    • 2015/04/01 to 2018/05/31
    • Contract amount (including amendments): $168,150
    • Competitive using Professional Audit Support Services’ supply arrangement
  2. CON18-0039
    • 2018/10/19 to 2018/12/29
    • Contract amount (including amendments): $24,577
    • Sole source; ProServices Tier 1

For 4 of these contracts, records were destroyed in accordance with the PSC’s Records Disposition Authority, which requires that contracts be retained for 6 years. The audit included an assessment of the remaining 4 contracts: CON16-1101, CON18-0039, D1124-12-0040, and CON14-1048.

The audit did not assess:

Methodology

The internal audit team applied the audit work program provided by the Office of the Comptroller General of Canada and the findings were consistent with those of other departments. While the Office of the Comptroller General of Canada developed the objectives, scope, audit criteria and audit work program for use by departments, audit findings and recommendations were developed independently by the PSC’s internal audit function. To ensure the integrity and objectivity of the audit work, this audit was conducted only by public servant internal auditors subject to the Institute of Internal Auditors’ Code of Ethics.

The internal audit team did not follow all the steps of the proposed program for objective 3 (adherence to departmental processes and control frameworks) as the contracts were dated 5 to 11 years ago, and because of PSC turnover. Further, no documents were found pointing to specific controls in place at the PSC from 2012 to 2018. Instead, we examined whether there was proper documentation of the contract files.

Conformance with professional standards

This internal audit was conducted in conformance with the International Standards for the Professional Practice of Internal Auditing.

Findings and recommendations

Objective 1: Integrity of the procurement process

The integrity of the procurement process was maintained according to the Values and Ethics Code for the Public Sector and the Directive on Conflict of Interest.

What we looked at and why it matters

When contracting with former public office holders and former public servants, the Directive on Conflict of Interest and Conflict of Interest Act must be respected. While reviewing documentation, the internal audit team looked for evidence that the PSC President or the President’s staff influenced the outcome of the procurement process, and evidence that public servants contravened the Values and Ethics Code or the Directive on Conflict of Interest. The team also looked for indications that any of the consultants hired were former public servants or former public office holders.

Findings

What is working
What can be improved

Not applicable, as the internal audit team found no elements to be improved.

Objective 2: Fairness, openness and transparency are in line with applicable policy for non-competitive and competitive contracting processes

The procurements were partially compliant with the Treasury Board policy in place at the time that required procurements to be conducted in a fair, open and transparent manner.

What we looked at and why it matters

To assess fairness, openness and transparency of the procurement processes undertaken by the PSC, we assessed the following criteria:

  1. Non-competitive contracting
  2. Competitive contracting (including bid solicitation, evaluation of bids and contract length)
  3. Contract management
  4. Certification authority (section 34)
  5. Proactive disclosure

1. Non-competitive contracting

Of the 4 contracts reviewed, 3 were non-competitive: CON16-1101, CON18-0039 and D1124-12-0040.

Findings
Rationale for non-competitive contract

When a non-competitive contract is issued, the rationale for why it was issued must be included on file and must align with at least one of the exceptions outlined in section 6 of the Government Contracts Regulations:

What is working
What can be improved

Not applicable, as the internal audit team found no elements to be improved.

Contract splitting

For non-competitive contracts, there should be no evidence of contract splitting.

What is working
What can be improved

Not applicable, as the internal audit team found no elements to be improved

Requirements for supply arrangements

For a contract against a supply arrangement, the process followed must align with the specific requirements prescribed in the supply arrangement.

Of the 3 non-competitive contracts reviewed, 1 was a contract against a supply arrangement through ProServices.

What is working
What can be improved

Not applicable, as the internal audit team found no elements to be improved

Expenditure initiation (Section 32)

For non-competitive contracts, section 32 should be performed by someone with the appropriate delegated authority and documented. A statement of work should also be defined before vendor selection and contract award.

What is working
What can be improved
Fair and reasonable price

For non-competitive contracts, validation that the price is fair and reasonable should be supported by documentation detailing what services are included in the price.

What is working

For D1124-12-0040, comparison with other firms in the industry was not possible since it was a multi-departmental contract managed by Public Services and Procurement Canada.

What can be improved
Recommendation 1

The Vice-President of the Corporate Affairs Sector should improve controls to ensure procurement files contain all documentation of business value.

2. Competitive contracting

The information in the request for proposal is used by suppliers to bid for potential contracts. It is important for the key components of the request for proposal, mainly the bid evaluation criteria and the statement of work, to be open, fair and transparent so that all suppliers understand what they are bidding on and how they will be evaluated, as well as that they are able to freely compete.

Of the 4 contracts reviewed, 1 was competitive. CON14-1048 used mandatory methods of supply required by Public Services and Procurement Canada to solicit bids.

Findings
Bid solicitation

Before soliciting bids, steps should be taken to ensure that the procurement process is designed to facilitate fair, open and transparent contractor selection. For this reason, we assessed whether:

  1. Section 32 was appropriately authorized
  2. the statement of work and bid evaluation criteria were reviewed by the contracting authority
  3. the bid selection method and bid evaluation criteria were outlined in solicitation documents before the request for proposal was issued
  4. the statement of work and evaluation criteria were fair, open and transparent
What is working
What can be improved

Not applicable, as the internal audit team found no elements to be improved

Evaluation of bids

To support a fair, open and transparent procurement process, bids should be evaluated according to established criteria and documentation is retained. We assessed whether:

  1. records of individual and consensus evaluations were on file for all bidders
  2. bids were evaluated in accordance with the criteria outlined in the solicitation documents
  3. the contract was awarded to the top-ranked firm in accordance with the selection methodology
  4. the process that was followed was aligned with the requirements prescribed in the supply arrangement
What is working
What can be improved

Not applicable, as the internal audit team found no elements to be improved

Contract length

It is important that the contract end date be reasonable for the scope and type of services delivered.

What is working
What can be improved

Not applicable, as the internal audit team found no elements to be improved

3. Contract management

Effective contract management is important to ensure that the PSC receives the required services, quality expectations are met and that disputes between contractors and the PSC do not occur. We assessed whether:

  1. security requirements were established and verified
  2. contracts and contract amendments were on file and appropriately signed prior to the commencement of any work
  3. oversight and monitoring of the contracts took place
Findings
Security requirements

Before any work on a contract began, all individuals working for the contractor were required to have the necessary security clearances in place.

What is working
What can be improved

Not applicable, as the internal audit team found no elements to be improved

Contract and contract amendments

Contracts must be signed by someone with appropriate delegated authority.

For 1 of the 4 contracts awarded, a signed contract was on file. For 2 contracts, the copies on file were signed only by the PSC. The remaining contract was a multi-departmental contract managed by Public Services and Procurement Canada.

For the 3 contracts where the PSC was responsible for issuing the contract, we verified whether the individual signing the contract had the delegated authority to enter that contract.

Also, we assessed the contract amendment process to understand whether contract amendments were approved by an authorized officer, issued before services were received, justified and substantiated, and issued before the contract expiry date.

Of the 4 contracts awarded, 3 required amendments.

What is working
What can be improved
Oversight and monitoring

Oversight and monitoring of contract performance can help ensure that the services delivered meet quality standards and expectations. We sought documents to assess how the work of the contractors was monitored.

What is working
What can be improved

Recommendation 2

The Vice-President of the Corporate Affairs Sector should implement a checklist to increase oversight and monitor performance to ensure that services delivered meet contract provisions in terms of quality, standards and service levels.

4. Certification authority (section 34)

Certification authority is exercised before payments are issued to certify that goods have been provided or services have been rendered.

Findings
What is working
What can be improved

We verified whether evidence was available to demonstrate that services were provided according to the terms of the contracts. The contracts we reviewed required contractors to provide multiple deliverables.

Specimen signature cards should be kept on file to demonstrate that certification authority was performed by someone with delegated authority.

Additional training and a checklist for managers would help ensure that the expense certified is properly supported with proof of execution.

5. Proactive disclosure

Findings

Data was obtained from the PSC financial system for the 4 contracts reviewed and cross-referenced with proactive disclosure records to assess whether all contracts and contract amendments over $10,000 were disclosed.

What is working
What can be improved
Recommendation 3

The Vice-President of the Corporate Affairs Sector should improve controls to ensure that all contracts and contract amendments are proactively disclosed.

Objective 3: Adherence to departmental processes and control frameworks

There were deficiencies in file documentation practices.

What we looked at and why it matters

Procurements should be conducted in accordance with departmental internal processes and control frameworks. Also, procurement files should be appropriately documented and support all actions taken and decisions made to demonstrate that processes are conducted in a fair, open and transparent manner.

Findings
What is working
What can be improved

Conclusion

The internal audit team reviewed 4 contracts awarded between 2012 and 2018 totalling $414,030 (CON16-1101, CON18-0039, D1124-12-0040, and CON14-1048). Some contracts were missing documentation, leading us to conclude that the PSC partially complied with Treasury Board policy. At the time of the audit, most of the people responsible for these contracts were no longer working for the PSC. The audit team took steps to locate missing documentation, but some key records could not be located.

Although most of the contracting procedures were followed for the 4 contracts analyzed, some improvements are required for both the competitive and non-competitive contracts to ensure that procedures are adequately followed.

A greater oversight of the procurement process would help ensure that:

By maintaining appropriate records of contracting activities, the organization would be better positioned to demonstrate compliance with relevant acts, policies and procedures. Additional controls, such as checklists, oversight and monitoring, would help ensure that the procurement process is fair, open and transparent.

To ensure that key documents are retained on the contracting file and that procurements are conducted according to departmental internal processes and control frameworks, we recommend that a documentation checklist on each procurement file be signed off by the team lead or supervisor at the end of the contract.

Management response and action plan

Recommendation 1

The Vice-President of the Corporate Affairs Sector should improve controls to ensure procurement files contain all documentation of business value.

Management action

In addition to 2 document completeness checklists available to officers, a random quality assurance and compliance review process has been in place since April 2023.

This review process ensures that all documentation has been included in the procurement file. As well, review process results are considered during performance management assessments for procurement staff.

Before they are published, peer reviews are always performed on notices of proposed procurement, including requests for proposals, requests for standing offers and requests for supply arrangements. Procurement officers have all completed the Fundamentals of Information Management (COR501) mandatory course.

As well, we will review, and adjust as needed, the PSC’s contracting guidelines to ensure documentation requirements and retention periods for both contracting and project authorities are well understood.

Area responsible

Corporate Affairs Sector, Finance and Corporate Planning Directorate

Expected completion date

By October 31, 2023

Recommendation 2

The Vice-President of the Corporate Affairs Sector should implement a checklist to increase oversight and monitor performance to ensure that the services delivered meet contract provisions in terms of quality, standards and service levels.

Management action

Before payment, delegated managers are responsible for confirming that services were delivered as set out in a contract (in terms of quality, standards and service levels) when they perform certification authority (Federal Accountability Act, section 34).

As per the Treasury Board’s Directive on Delegation of Spending and Financial Authorities, in certifying section 34 of the Federal Accountability Act, delegated managers must:

In addition, financial officers, when exercising payment authority (Federal Accountability Act, section 33), verify that enough auditable evidence exists to demonstrate that the account verification practices set out in section 34 of the act have taken place and that certification has been performed. They also review all high-risk transactions and a sample of medium- and low-risk transactions to ensure that the requirements of section 34 of the act have been met.

No action required.

Recommendation 3

The Vice-President of the Corporate Affairs Sector should improve controls to ensure that all contracts and contract amendments are proactively disclosed.

Management action

The procurement team will add a verification step in the process to confirm that all amendments are proactively disclosed.

Area responsible

Financial and Procurement Operations Division

Expected completion date

By September 30, 2023

Appendix A: Audit criteria

Objective 1: The integrity of the procurement process was maintained and the process adhered to the Values and Ethics Code for the Public Sector and the Directive on Conflict of Interest

1. Public servants and public office holders ensure that the integrity of the procurement process is maintained, consistent with the Values and Ethics Code for the Public Sector and the Directive on Conflict of Interest.

2. Contracting with former public servants and former public office holders is performed with integrity in accordance with the Directive on Conflict of Interest, the Conflict of Interest Act and procurement policy instruments.

Objective 2: Procurements were conducted in a fair, open and transparent manner consistent with the Treasury Board policy in place at the time (Contracting Policy or the Directive on the Management of Procurement)

3.Procurement (non-competitive): There is documentation to support the justification for non-competitive procurement contracts in accordance with section 6 of the Government Contract Regulations.

4. Procurement (non-competitive): Bid evaluation criteria were provided on request-for-proposal documents and were used for contractor selection in an open, fair and transparent manner.

5. Contract management: Contracts and contract amendments were approved before any services were received and before the original contract expired. There is also oversight to monitor performance and ensure that the services delivered meet the contract provisions in terms of quality, standards and service levels. 

6. Certification authority (section 34): Certification authority is performed by someone with delegated authority to do so, is accomplished in a timely manner and verifies the correctness of the payment requested (section 34 of the Financial Administration Act).

7. Proactive disclosure: Contracts, including amendments, valued at over $10,000 meet minimum proactive disclosure requirements.

Objective 3: Procurements were conducted according to the organization’s internal processes and control frameworks

8. Procurements are conducted according to departmental internal processes and control frameworks.

Page details

Date modified: