Internal audit of federal government consulting contracts awarded to McKinsey & Company
On this page
Alternate formats
Internal audit of federal government consulting contracts awarded to McKinsey & Company [PDF - 1.22 MB]
Large print, braille, MP3 (audio), e-text and DAISY formats are available on demand by ordering online or calling 1 800 O-Canada (1-800-622-6232). If you use a teletypewriter (TTY), call 1-800-926-9105.
1. Background
1.1 Context
Procurement in the Government of Canada is subject to the Directive on the Management of Procurement (and the now rescinded Contracting Policy, prior to May 13, 2022). The objective of this directive is that procurement of goods, services and construction obtains the necessary assets and services that support the delivery of programs and services to Canadians, while ensuring best value to the Crown. As a result, among others, procurements are expected to:
- enable operational outcomes
- be subject to effective governance and oversight mechanisms
- be fair, open, and transparent
- meet public expectations in matters of prudence and probity
The Prime Minister has tasked the President of the Treasury Board, along with the Minister of Public Services and Procurement, to undertake a review of contracts awarded to McKinsey & Company (McKinsey).
On February 8, 2023, the Office of the Comptroller General requested from government organizations, a list of all contracts with McKinsey dating back to January 1, 2011, as well as related information on these. For those organizations that have been the technical authority or entered into any such contracts, the Office of the Comptroller General directed Chief Audit Executives of these organizations to conduct a formal independent internal audit of the related procurement processes, with results to be reported by March 22, 2023.
Internal Audit identified a total of 4 contracts that had been awarded by Employment and Social Development Canada (the Department) to McKinsey. As per procurement policies and guidelines, Departments have the authority to award contracts without soliciting bids when only one vendor is deemed capable of performing the work. The 4 contracts were awarded to McKinsey without soliciting bids as the company holds exclusive proprietary rights to data and research used to fulfill the requirements.
Details about the 4 contracts in the scope of this audit can be found in Appendix B.
The Department awarded Contract #1 to McKinsey through a non-competitive contracting process. A National Master Standing Offer was later established through a non-competitive process by Public Services and Procurement Canada. The Department used this standing offer to obtain benchmarking services from McKinsey for Contracts #2, #3 and #4.
1.2 Audit objective
The objectives of the audit were to determine if, for the 4 contracts in scope:
- The integrity of the procurement process was maintained consistent with adhering to the Values and Ethics Code for the Public Sector and the Directive on Conflict of Interest
- The procurements were conducted in a fair, open and transparent manner consistent with the Treasury Board Policy that was in place at the time (Contracting Policy or the Directive on the Management of Procurement)
- The procurements were conducted in a manner consistent with the organization's internal processes and control frameworks (consistent with procurement management frameworks, financial controls, security controls)
1.3 Scope
The scope of the audit focused on the examination of the procurement practices for all competitive and non-competitive contracts (as defined by the Policy on the Planning and Management of Investments) with McKinsey. The contracts in scope were awarded (i.e., signed) by the Department between January 1, 2011, and February 7, 2023.
The Chief Financial Officer Branch identified the contracts in scope from the departmental financial reporting system SAP. Internal Audit validated the completeness of information against the Government Proactive Disclosure portal, no anomaly was found.
The audit did not assess:
- Value for money of the contracts;
- Contracts with any entity other than McKinsey or contracts awarded (and signed) outside of the audit period; and,
- Compliance with policy instruments, laws or regulations not specifically mentioned in this audit report.
For Contracts #2, #3 and #4 (see Appendix B), Public Services and Procurement Canada was the contracting authority. As such, the audit did not examine procurement practices relating to contract award and supplier selection as these were the responsibility of Public Services and Procurement Canada.
1.4 Approach
The Office of the Comptroller General provided all departments with an audit plan and work program to enable consistent coverage across the Government of Canada. While the Office of the Comptroller General developed the objectives, scope, audit criteria, and work program, the Department's internal audit function, developed audit findings and recommendations independently.
The approach followed by the Department was in alignment with the one described in the Office of the Comptroller General's audit plan and work program. To ensure the integrity and objectivity of the audit work, this audit was conducted only by public servant internal auditors subject to the Internal Auditing Code of Ethics of the Institute of Internal Auditors.
2. Audit findings
2.1 Integrity of the procurement process
Criterion 1.1: Public servants and public office holders ensure that the integrity of the procurement process is maintained and consistent with the Values and Ethics Code for the Public Sector and the Directive on Conflict of Interest.
Internal Audit has reviewed all the information found in the contracting files. We did not find indications on file that the Minister or the Minister's staff were involved in the contracting process for the 4 contracts under review.
Internal Audit did not find in the information examined in the course of this audit, evidence of public servants whose behaviour or status did not comply with the Values and Ethics Code for the Public Sector or the Directive on Conflict of Interest. The information examined includes communications provided in supporting the 4 contracting packages and interviews conducted with the Project Authorities and the Asset Management, Policy and Procurement team.
Criterion 1.2: Contracting with former public servants and former public office holders is performed with integrity in accordance with the Directive on Conflict of Interest, Conflict of Interest Act and procurement policy instruments.
This criterion is not applicable to the 4 contracts reviewed by Internal Audit as none were with former public servants or former public office holders.
2.2 Fairness, Openness, and Transparency of Procurements
Criterion 2.1: Non-competitive procurement – There is documentation to support the justification for non-competitive procurement contracts in accordance with section 6 of the Government Contract Regulations.
The 4 contracts reviewed by Internal Audit were non-competitive procurement contracts. For all contracts reviewed, Internal Audit found adequate expenditure initiation and Section 32 authorization. Internal Audit also found that statements of work had been defined prior to the contract award (in all cases).
For all contracts reviewed, the rationale provided by the Department for entering into a contract without soliciting bids was that only one vendor was deemed capable of performing the work. This is also in accordance with the Government Contract Regulations.
However, when this reason is invoked, it is expected that, in line with the Contracting Policy Notice 2007-4, a series of 7 questions be answered. Answers to these questions form the basis of the rationale for proceeding with a non-competitive contracting process. As such, they were expected to be documented on the procurement file. Out of the 4 contracts reviewed by Internal Audit, 2 did not document the answers to these questions (Contracts #2 and #3, see Appendix B) but were still issued under Public Services and Procurement Canada's contracting authority. The recommendation included in this report combined with appropriate documentation on file to support the justification for the use of non-competitive procurement should prevent this situation from happening in the future.
Criterion 2.2: Competitive procurement – Bid evaluation criteria were provided on Request for Proposal documents and were used for contractor selection in an open, fair and transparent manner.
This criterion is not applicable to the 4 contracts reviewed by Internal Audit as none of them went through a competitive vehicle with a bid solicitation process.
Criterion 2.3: Contract management – Contracts and contract amendments were approved prior to the receipt of any services or the expiration of the original contract and supporting documentation is retained on file. Documented monitoring and certification of the delivery of the services was implemented.
Internal Audit reviewed the 4 signed contracts and we can confirm that all 4 contracts were signed by individual with the appropriate delegated authority and that contracts were issued before services were received.
Another aspect of contract management reviewed by Internal Audit was the compliance with the provisions of the Policy on Government Security. We found that the policy security requirements were adequately addressed for Contract #1 (see Appendix B). For the other 3 contracts (resulting from call-ups against a standing offer), we could not confirm whether all McKinsey consultants had the required security level prior to providing services. Although the standing offer itself had no security requirement, the 3 contracts resulting from it are separate and distinct. As such, the Department determined security requirements for Contracts #2, #3, and #4. However, the Department did not confirm whether McKinsey consultants assigned to those contracts had been security screened as it was unclear who, between the Department and Public Services and Procurement Canada, was responsible for reviewing security screening. Opportunities exist to improve controls ensuring compliance with the provisions of the Policy on Government Security.
Internal Audit also reviewed the contract amendment to Contract #4 (see Appendix B), the only contract in scope with amendment. Internal Audit did not find any deficiency regarding the justification, approval and issuance of the amendment.
Finally, Internal Audit reviewed documents supporting the monitoring and certification of the delivery of the services provided by McKinsey. We found inconsistent documentation to demonstrate that adequate monitoring took place. Internal Audit reviewed, where possible, tangible deliverables resulting from the contracts to confirm that services were provided. Where services provided did not produce tangible and traceable deliverables (such as for leadership counselling), Internal Audit conducted interviews and reviewed evidence of appointments with the consulting team to confirm that services were provided. Internal Audit can confirm that adequate supporting evidence was found for most of the deliverables outlined in the contracts in scope. However, some deliverables, as per the statements of work, were not specific in terms of quantity and quality and therefore, difficult to measure and monitor. Opportunities exist to improve the documentation of the monitoring and certification of the delivery of services provided.
Criterion 2.4: Certification authority (Section 34) – Certification authority is performed by someone with the delegated authority to do so, is accomplished in a timely manner and verifies the correctness of the payment requested (Section 34 of the Financial Administration Act).
Internal Audit did not find any major deficiency with regards to Section 34 of the Financial Administration Act for all 4 contracts reviewed. Certification authority was performed by the appropriate delegated authority in all cases.
However, for all contracts reviewed, Internal Audit found that the level of detail found in the invoices, by themselves, lacked the required granularity to adequately document the work performed by McKinsey.
Criterion 2.5: Proactive disclosure – Contracts, including amendments, valued at over $10,000 meet minimum proactive disclosure requirements.
Internal Audit did not find any major deficiency with the Proactive Disclosure requirements when reviewing all contracts within the scope of this audit. However, for Contract #1 (see Appendix B), information disclosed did not match the approved contract information. A comment field stated that the contract was competitively sourced when it was not. Internal Audit raised the issue to the Chief Financial Officer Branch, who investigated and found a coding issue created the discrepancy. The issue was resolved on February 23, 2023.
2.3 Adherence to departmental processes and control frameworks
Criterion 3.1: Procurements are conducted in a manner consistent with departmental internal processes and control frameworks.
The departmental Procurement Review Committee (the Committee) is an ongoing procurement oversight activity that is managed by the Asset Management, Policy and Procurement section within the Chief Financial Officer Branch. The objective of the Committee is to ensure that departmental procurement and contracting activities are carried out in accordance with the applicable legislation, policies and procedures and considering national and departmental priorities.
The Committee provides oversight on procurement activities that have a higher risk potential for the Department. It also conducts a review at the pre-contract stage of the procurement cycle. The challenge role provided by the Committee upholds the values of prudence, probity and sound contract management.
As per the Committee's review parameters, all non-competitive contracting processes with an estimated expenditure of more than $40,000 for services, must go to the Committee for approval. Contracts #2, #3 and #4 fell under these parameters. These 3 contracts needed to be tabled at the Committee but only Contract #4 was.
Standing offers generally result from competitive procurement processes. The standing offer to obtain McKinsey services was established by Public Services and Procurement Canada through a non-competitive process. The call-ups made against this standing offer for Contracts #2 and #3 were incorrectly assumed to be the result of competitive processes. This was not detected by the Department (as well as Public Services and Procurement Canada). As a result, Contracts #2 and #3 were awarded without the Committee's review and approval and proper justification on file (see findings on Criterion 2.1).
Recommendation
The Chief Financial Officer should strengthen controls supporting the proper use of procurement tools, with special attention given to identifying whether the tool is non-competitive or competitive.
Management Response
Management agrees with the recommendation. An instruction will be added to the Procurement Master Checklist prompting contracting authorities to confirm if the procurement tool being used was sourced competitively or non-competitively. The estimated completion date is May 2023.
An email communication will be distributed to the procurement operations teams underlining the importance to contracting authorities of using existing tools properly, which would include a determination of whether or not they are competitive or non-competitive tools. The estimated completion date is May 2023.
The procurement operations staff will be reminded at their respective operational team meetings of the importance of using procurement tools appropriately, and to review the instructions in these actions. The estimated completion date is June 2023.
3. Conclusion
Through evidence reviewed by Internal Audit, we conclude the following:
- No evidence was found indicating that the integrity of the procurement process was not maintained or did not adhere to the Values and Ethics Code for the Public Sector or the Directive on Conflict of Interest for the 4 contracts reviewed.
- Key documents substantiating that the procurements were conducted in a fair, open and transparent manner were not on file for 2 of the 4 contracts reviewed. Although Internal Audit could confirm that adequate supporting evidence was found for most of the deliverables outlined in the contracts in scope, opportunities exist to improve the documentation of the monitoring and certification of the delivery of services provided.
- 2 of the 4 contracts reviewed did not follow one of the key departmental controls (review and approval by the Procurement Review Committee). Following this departmental control could have helped to demonstrate due diligence and sound contract management.
4. Statement of Assurance
In our professional judgment, the audit team gathered and analyzed sufficient and appropriate evidence to support the accuracy of conclusions found in this report. The audit team based these conclusions on observations and analyses at the time of the audit. These conclusions are applicable only for the 4 contracts listed in Appendix B. The audit team followed the Treasury Board Policy on Internal Audit and the International Standards for the Professional Practice of Internal Auditing.
Appendix A: Audit Criteria Assessment
1.1 Public servants and public office holders ensure that the integrity of the procurement process is maintained and consistent with the Values and Ethics Code for the Public Sector and the Directive on Conflict of Interest.
- Contract 1: Compliant
- Contract 2: Compliant
- Contract 3: Compliant
- Contract 4: Compliant
1.2 Contracting with former public servants and former public office holders is performed with integrity in accordance with the Directive on Conflict of Interest, Conflict of Interest Act and procurement policy instruments.
- Contract 1: Not applicable
- Contract 2: Not applicable
- Contract 3: Not applicable
- Contract 4: Not applicable
2.1 Procurement: non-competitive – There is documentation to support the justification for non-competitive procurement contracts in accordance with section 6 of the Government Contract Regulations.
- Contract 1: Compliant
- Contract 2: Non-compliant
- Contract 3: Non-compliant
- Contract 4: Compliant
2.2 Procurement: competitive – Bid evaluation criteria were provided on Request for Proposal documents and were used for contractor selection in an open, fair and transparent manner.
- Contract 1: Not applicable
- Contract 2: Not applicable
- Contract 3: Not applicable
- Contract 4: Not applicable
2.3 Contract management – Contracts and contract amendments were approved prior to the receipt of any services or the expiration of the original contract and supporting documentation is retained on file.
- Contract 1: Compliant
- Contract 2: Compliant
- Contract 3: Compliant
- Contract 4: Compliant
Documented monitoring and certification of the delivery of the services was implemented.
- Contract 1: Partially compliant
- Contract 2: Partially compliant
- Contract 3: Compliant
- Contract 4: Partially compliant
2.4 Certification authority (Section 34) – Certification authority is performed by someone with the delegated authority to do so, is accomplished in a timely manner and verifies the correctness of the payment requested (Section 34 of the Financial Administration Act).
- Contract 1: Compliant
- Contract 2: Compliant
- Contract 3: Compliant
- Contract 4: Compliant
2.5 Proactive disclosure – Contracts, including amendments, valued at over $10,000 meet minimum proactive disclosure requirements.
- Contract 1: Partially compliant
- Contract 2: Compliant
- Contract 3: Compliant
- Contract 4: Compliant
3.1 Procurements are conducted in a manner consistent with your departmental internal processes and control frameworks.
- Contract 1: Compliant
- Contract 2: Non-compliant
- Contract 3: Non-compliant
- Contract 4: Compliant
Appendix B: Details of the Contracts in scope
Contract 1
High-level advisory services to de-risk transformation as the organization continues to change, and increase the likelihood of programme success, August 3, 2020 to March 31, 2021, $40,000 with taxes.
Overview of services
McKinsey provided on-demand access to expert advice related to the governance of large-scale, multi-year transformation programmes, and business development of the organization's service delivery model to drive Service Canada as a service. McKinsey provided support of departmental initiatives, projects and business cases in relation to transformation.
Contract 2
Benchmarking services, March 25, 2021, to April 28, 2021, $339,894.84 with taxes.
Overview of services
To advance the Department's transformation efforts, Service Canada sought industry expertise and advice on benchmarking related to the governance of large-scale, multi-year transformation programmes, and business development of the organizations service delivery model.
Contract 3
Advisory services, October 26, 2021, to January 4, 2022, $517,387.50 with taxes.
Overview of services
McKinsey provided strategic advisory services and leadership counselling to support senior management's work to advance the department's transformation efforts.
Contract 4
Benchmarking services, August 16, 2022, to May 31, 2023, $5,742,857.53 with taxes.
Overview of services
McKinsey is providing benchmarking services to support the department's transformation through a customer experience benchmark and the architecting, design and testing of citizen experience journey to improve client and user experience and service delivery. Deliverables include the assessment and development of a set of experience-based personas; the implementation and delivery of a Journey Lab with a focus on improving the way services are accessed and delivered; guidance on performance metrics and outcomes; and identifying the roles and responsibilities of a Chief Client Experience Officer role.
Appendix C: Audit Criteria Source
Criteria for Objective 1: The integrity of the procurement process was maintained and consistent with adhering to the Values and Ethics Code for the Public Sector and the Directive on Conflict of Interest
Public servants and public office holders ensure that the integrity of the procurement process is maintained and consistent with the Values and Ethics Code for the Public Sector and the Directive on Conflict of Interest
- Conflict of Interest Act – Part I
- Directive on Conflict of Interest – 4.2.16, 4.17.3
- Values and Ethics Code for the Public Sector – Integrity section (3)
- Contracting Policy (before May 13, 2022) – 4.2.12,10.8,11.1.1,12.4
- Directive on the Management of Procurement (after May 13, 2022) – 4.2.2, 4.3.2
Contracting with former public servants and former public office holders is performed with integrity in accordance with the Directive on Conflict of Interest, Conflict of Interest Act and procurement policy instruments.
- Conflict of Interest Act – Part I, Part III (35, 36)
- Directive on Conflict of Interest – 4.2.16
- Values and Ethics Code for the Public Sector – Integrity section
- Contracting Policy (before May 13, 2022) – 4.1.9, 4.2.20, Annex C, schedule 5
- Directive on the Management of Procurement (after May 13, 2022) – 4.5.5, 4.6.4, 4.10.1.7
Criteria for Objective 2: The procurements were conducted in a fair, open and transparent manner consistent with the Treasury Board Policy that was in place at the time
Procurement: non-competitive – There is documentation to support the justification for non-competitive procurement contracts in accordance with section 6 of the Government Contract Regulations.
- Contracting Policy (before May 13, 2022) – Sections 10.2.1, 10.2.6, 10.5, 10.7.30, and Appendix C
- Directive on the Management of Procurement (after May 13, 2022) – 4.3.1,4.3.2, 4.3.5 (4.1.1 procurement framework should include detailed requirements)
- Contracting Policy Notice 2007-4 - Non-Competitive Contracting
- Government Contract Regulations [Current to January 25, 2023] – Section 6
Procurement: competitive – Bid evaluation criteria were provided on Request for Proposal documents and were used for contractor selection in an open, fair and transparent manner.
- Contracting Policy (before May 13, 2022) –Sections 4.1.2; 4.1.4, 4.1.9; 16.1.2; 10.5; 10.7; 10.8; 11.1 and 11.3, Appendix J
- Directive on the Management of Procurement (after May 13, 2022) – 4.1.1, 4.3.1, 4.3.5 (4.1.1 procurement framework should include detailed requirements)
Contract management – Contracts and contract amendments were approved prior to the receipt of any services or the expiration of the original contract and supporting documentation is retained on file. Documented monitoring and certification of the delivery of the services was implemented.
- Contracting Policy (before May 13, 2022) – Sections 4.2.10; 11.2; 11.3; 12.3; 12.4.1; 12.9, Appendix H 2.6,
- Directive on the Management of Procurement (after May 13, 2022) – 4.3.1, 4.3.5 (procurement framework should include detailed requirements on contract management), 4.10.6
- Policy on Government security – Appendix A A.6
Certification authority (section 34) – Certification authority is performed by someone with the delegated authority to do so, is accomplished in a timely manner and verifies the correctness of the payment requested (Section 34 of the Financial Administration Act).
- Directive on Delegation of Spending and Financial Authorities [2017-04-01] – Sections 4.1.11, A.2.2.1.1 to A.2.2.1.3, A.2.2.1.7 to A.2.2.1.9.
- Financial Administration Act [2018-03-18 current to] – Section 34
Proactive disclosure - Contracts, including amendments, valued at over $10,000 meet minimum proactive disclosure requirements
- Contracting Policy (before May 13, 2022) – Section 5.1.6
- Directive on the Management of Procurement (after May 13, 2022) – Appendix C
- Guidelines on the Proactive Disclosure of Contracts- Canada.ca – Section 4.1 (amended April 1, 2022).
- Proactive Disclosure on Contracts, Guidelines on [previous version] – Section 4.1
- Access to Information Act subsection 86(1)
Note: On April 11, 2019, the contracting limits for organizations and Public Services and Procurement Canada were updated to reflect a 25% increase to account for inflation (see Appendix C of the Contracting Policy).
Page details
- Date modified: