Internal Audit of the Integrity of Passport Program Operations

Internal Audit & Accountability Branch
June 2016

Table of Contents

• Executive Summary
• Background
• Audit Objective, Scope and Methodology
• Audit Findings and Recommendations
  • Governance related to the integrity of Passport Program operations
  • Passport Program Risk Management
  • Integrity of Passport Program Operations
• Conclusion
• Appendix A – Management Response

Executive Summary

Background

In July 2013 Canada’s Passport Program became part of Immigration, Refugees and Citizenship Canada. As mandated by the Canadian Passport Order, responsibilities of the Passport Program include issuing, refusing to issue, revoking, withholding, recovering, and providing instructions on the use of Canadian passports. At the same time, the Department of Employment and Social Development Canada assumed primary responsibility for domestic passport service delivery including the network of passport offices. Global Affairs Canada is responsible for delivering passport services outside of Canada at Canadian missions.

Canadians can apply for a passport through 34 passport-issuing offices across Canada and a combined network of 193 Service Canada and Canada Post receiving agents that offer Canadians broad access to passport services. Applicants can also mail their applications within Canada and the United States to a Central Processing Centre or submit applications via their Member of Parliament. Canada issues approximately five million travel documents a year.

Travel document integrity and security are important elements of the management and administration of the Passport Program to ensure that Canadians have internationally trusted travel documents that enable them to gain entry, often visa-free, to other countries and for Canadian citizens residing in Canada to facilitate their return to Canada. Authentication of identity, determination of eligibility and entitlement, policies and procedures designed to mitigate risks to program integrity, passport security features, biometrics, and administrative investigations, are all integral to maintaining and strengthening Passport Program integrity.

Audit Objective and Scope

The audit objective was to provide assurance that effective governance, risk management, and controls exist to support the integrity of Passport Program operations.

The audit scope focused on domestic passport issuance, quality assurance practices, intelligence and information sharing, and key control procedures. Passport Program administration and operations from February 2014 to September 2015 were assessed. The audit excluded services related to the delivery of passports overseas, the revolving fund, performance measurement processes, passport modernization initiatives, Certificates of Identity, Refugee Travel Documents, Official Travel Documents, and information management and privacy protection. 

Conclusion

Overall, Immigration, Refugees and Citizenship Canada and Employment and Social Development Canada have put effective joint governance and risk management processes in place to support the integrity of Passport Program operations. Existing internal governance structures in each department also include committees responsible for providing oversight and decision-making to support Passport Program integrity.

Passport Program officials have designed several effective operational controls to safeguard passport integrity. While there are a number of internal controls in place to support passport application processing, certain elements of the control framework were not operating as intended. The specific areas where Passport Program [REDACTED]. Opportunities for improvement were also identified for elements of the Quality Assurance Program to enhance its effectiveness and the use of results data.

Management has accepted the audit findings and developed an action plan to address the recommendations.

Background

Introduction

In July 2013 Canada’s Passport Program became part of Immigration, Refugees and Citizenship Canada (IRCC). As mandated by the Canadian Passport Order, responsibilities of the Passport Program include issuing, refusing to issue, revoking, withholding, recovering, and providing instructions on the use of Canadian passports. At the same time, the Department of Employment and Social Development Canada (ESDC) assumed primary responsibility for domestic passport service delivery including the network of passport offices. Global Affairs Canada is responsible for delivering passport services outside of Canada at Canadian missions.

As part of the Passport Program a variety of passports and travel documents are issued. A passport is an official Canadian document that shows the identity and nationality of a person for the purpose of facilitating travel by that person outside of Canada and for Canadian citizens residing in Canada to facilitate their return home to Canada. These include regular, diplomatic, special and temporary passports as well as emergency travel documents. Emergency travel documents are issued to Canadians that are outside the country for direct return to Canada or to the nearest Canadian Government Office abroad where more comprehensive passport services can be obtained.  In addition, there are two other types of Canadian travel documents: Certificates of Identity and Refugee Travel Documents.

Canadians can apply for a passport through 34 passport-issuing offices across Canada and a network of 193 Service Canada and Canada Post receiving agents that offer Canadians broad access to passport services. Applicants can also mail their applications within Canada and the United States to a Central Processing Centre or submit applications via their Member of Parliament. Canada issues approximately five million travel documents a year.

Travel document integrity and security are important elements of the management and administration of the Passport Program to ensure that Canadians have internationally trusted travel documents that enable them to gain entry, often visa-free, to other countries and for Canadian citizens residing in Canada to facilitate their return to Canada. Authentication of identity, determination of eligibility and entitlement, policies and procedures designed to mitigate risks to program integrity, passport security features, biometrics, and administrative investigations, are all integral to maintaining and strengthening Passport Program integrity.

Audit Objective, Scope and Methodology

Audit objective and scope

The audit objective was to provide assurance that effective governance, risk management, and controls exist to support the integrity of Passport Program operations.

The audit scope focused on domestic passport issuance, quality assurance practices, intelligence and information sharing, and key control procedures. Passport Program administration and operations from February 2014 to September 2015 were assessed. The audit excluded services related to the delivery of passports overseas, the revolving fund, performance measurement processes, passport modernization initiatives, Certificates of Identity, Refugee Travel Documents, Official Travel Documents, and information management and privacy protection.

Methodology

The audit was conducted by the IRCC Internal Audit and Accountability Branch in collaboration with the ESDC Internal Audit Services Branch. This is in accordance with the Protocol Agreement that was signed in April 2014 between the Chief Audit Executives at IRCC and ESDC. The two audit teams carried out audit procedures within their respective departments based on the assigned areas of responsibility. The work covered both national and regional operations of the Passport Program. The following audit procedures were performed:

• Audit site visits were conducted across a variety of in-person passport offices and Service Canada Centres across all ESDC regions between June and August, 2015. Both passport processing and print centres and client call centres were visited as well as regional and national support functional units;
• Interviews were conducted with IRCC Headquarters management and staff in Ottawa, with ESDC Headquarters and regional management and staff in Gatineau and regional offices, as well as with staff at the passport offices and Service Canada Centres visited;
• Detailed operational process reviews and analysis were undertaken across all regional sites visited to observe the overall processes in place;
• Analysis of Passport Program data; and
• Review and analysis of documentation such as passport mandates and agreements, program governance records of decision, risk management reports, authentication procedures, and dashboard reports.

The audit observations, conclusions and recommendations are based on the work performed. The audit report is issued by IRCC as per the Protocol Agreement.

Statement of Conformance

The audit is in conformance with the Internal Auditing Standards for the Government of Canada as supported by the results of the quality assurance and improvement program.

Audit Findings and Recommendations

Governance related to the integrity of Passport Program operations

Criteria. It was expected that effective oversight bodies were established to support the integrity of Passport Program operations. Specifically, authorities, responsibilities and accountabilities were formally defined and clearly communicated.

Conclusion. Joint oversight bodies were established with clear mandates to support the integrity of Passport Program operations. Roles, responsibilities and accountabilities between IRCC and ESDC were defined and communicated. Both departments’ existing internal governance structures include committees responsible for providing oversight and decision making to support Passport Program administration.

Departmental Roles and Responsibilities

Both IRCC and ESDC have clearly defined roles and responsibilities related to the processing and issuance of passports within Canada.

IRCC

IRCC is responsible for developing Passport Program policies and establishing program integrity and quality assurance programs. IRCC also approves ESDC operational procedures and training to implement policy guidance

The Citizenship and Passport Operational Coordination Branch (CPOC) provides functional guidance to service delivery partners and internal stakeholders. Branch officials oversee the monitoring of overall Passport Program performance. The Branch is also responsible for the Passport Program Quality Management Framework (PPQMF) and establishing the Quality Assurance Program (QAP) parameters for which ESDC is responsible to implement.

The Program Integrity Branch (PIB) has responsibilities related to the integrity of the passport issuance process and the security and quality of travel document products, including passports. Program integrity components include incorporating adequate security features into all travel document products, entitlement and eligibility verifications, intelligence and information sharing, investigations and fraud detection, as well as, case and risk management decisions.

ESDC

ESDC is responsible for delivering the Domestic Passport Program through its Service Canada points of service across the country.

The Citizens Services Branch is responsible for national oversight of the service delivery and processing of passports undertaken by the ESDC regions. Service delivery activities include front end service delivery, passport processing, passport printing and mailing, telephone and e-mail client support services.

Oversight activities include:

• Developing and delivering training to Passport Program employees;
• Developing employee reference material;
• Undertaking quality assurance review activities; and
• Tracking and reporting on performance metrics.

Passport Program governance

In order to ensure a coordinated approach to delivering the Passport Program, a draft Memorandum of Understanding (MOU) established between IRCC and ESDC that outlines each Department’s roles and responsibilities. Although this MOU remains in draft, the terms are being adhered to by both parties.

A number of joint governance committees have been established to facilitate collaboration. A joint Deputy Minister-level Executive Management Board provides strategic direction to Program operational and administrative management. A joint Director General-level chaired domestic passport service delivery committee provides oversight on key management areas and controls for the delivery of the domestic Passport Program. A joint Director-level service delivery committee provides oversight and operational direction related to financial arrangements / investment proposals, and other day-to-day program delivery elements.

In addition, a joint Director-level Operational Consultation and Implementation Working Group is responsible for assessing the impact of policy instruments on service providers and partners and establishes implementation plans to ensure the required elements are in place to support implementation.

Authorities and accountabilities for the delivery of the Passport Program are defined and understood. Each joint committee’s Terms of Reference, mandates, objectives, meeting minutes, agendas and records of decision were documented at the time of the audit. Through the joint governance structure, IRCC and ESDC liaise and communicate with counterparts on emerging issues relating to compliance with policies and procedures, monitoring progress of key service delivery outcomes, and addressing issues as they arise. The governance structure serves as a forum for joint issue resolution and decision-making and also provides mechanisms to resolve issues if required. In addition, each Department’s internal governance structures support Passport Program administration and operations.

Passport Program Risk Management

Criteria. It was expected that Passport Program management uses a risk framework to identify, assess, mitigate and monitor key operational risks.

Conclusion. The governance structure in place to support Passport Program delivery includes processes that are working as intended to support operational risk management activities.

Risk management processes

Each of the joint governance bodies have responsibilities related to Passport Program risk management in accordance with each committee’s Terms of Reference. Authorities, responsibilities and accountabilities for assessing and monitoring risks are clear, understood and working as intended.

Within IRCC, as part of the annual integrated corporate planning process, Passport Program risks are identified and mitigation strategies are developed and included in the Departmental Corporate Risk Profile. Passport Program risk management and mitigation strategies are monitored quarterly by the Operations Performance Management Branch. Additionally, Passport Program issues are discussed at the appropriate Departmental or joint governance committee as required.

Passport Program integrity activities

The PIB has designed risk-based passport processing internal controls, which are included in the Passport Program Integrity Framework. This is the overarching Passport Program integrity guidance that integrates risk management, quality assurance and fraud deterrence and detection elements into IRCC’s operations. In addition, risk management is integrated into the PIB’s day-to-day activities in working with partner organizations to gather intelligence and share information on a systematic and ad-hoc basis. Information sharing agreements are in place with a number of key federal departments and agencies.

PIB officials conduct reviews and investigations to identify, investigate and respond to alleged fraudulent activities. The PIB investigates cases where an applicant is suspected of having provided false or misleading information and / or documentation in support of a passport application, where a passport is suspected of having been obtained through fraudulent means or improperly used following its issuance, and where criminality and / or mobility restrictions exist. In these cases, PIB officials have the authority to approve or refuse issuance of, or to revoke, a passport that had previously been issued based on the results of their analysis and / or investigation.

In addition, [REDACTED] to PIB officials for further examination.

Integrity of Passport Program Operations

Criteria. It was expected that sufficient controls exist to support Passport Program integrity.

Conclusion. Overall, existing operational controls were designed and applied across all ESDC regions and offices to achieve consistent passport entitlement decisions and to adequately control blank passport booklet inventory. Several key controls were integrated within passport processing, including data verification and physical inspection of passports during entitlement and printing processes. Certain elements of the control framework could be improved. [REDACTED]. Opportunities for improvement were also identified to strengthen the design and implementation of the QAP.

Controls to support the integrity of passport operations

Inventory management

Internal controls over the management and administration of blank passport booklets were in place and working as intended. The processes developed for inventory management, safeguarding documents, and inventory count reconciliations were being performed and operated as designed.

Program integrity

A number of key controls were designed and put in place to protect the integrity of the passport application review process. Threats and risks to the integrity of the Passport Program are analyzed and results are shared with Passport Program employees through various documents and reports. In addition, an alert system has been developed to provide information on a daily basis to passport issuing offices for when passport application referrals to PIB are mandatory for additional examination.

In accordance with the MOU, IRCC officials developed a mandatory referral grid for ESDC Passport Officers and Assistant Managers. This grid identifies high-risk applications that must be sent to PIB for review and decision-making. [REDACTED].

PIB conducts active risk monitoring activities that support Passport Program integrity controls. One of these activities is facial recognition whereby a passport applicant’s face is matched against an existing database of photos using an information technology software program. Another activity that PIB officials perform is an examination of damaged passports that are returned to the Government of Canada to determine the likely cause of the damage. PIB officials also share lost, stolen, suspended and revoked passport information with other departments and agencies to mitigate the risk that these invalid passports are used for unauthorized travel.

As well, IRCC officials conduct automated system data matches of application information to existing data within the passport information management system. Exception reports are generated daily for unmatched data which results in either ESDC Passport Officer correction for minor variances or further PIB official examination for more significant variances prior to passport issuance.

Other risk-based interventions involve analyzing and rendering decisions on high-risk cases such as children’s applications requiring custody determination, first time applicants lacking documentary evidence of citizenship, suspected guarantor and/or parental forgery, and, applicants providing biographical information that differs from what is inscribed on their source documents.

Performance of the guarantor verification

The guarantor verification (G-check) is a key control used to authenticate an applicant’s identity. A guarantor must be an adult holding a valid Canadian passport that has personally known the applicant for at least two years and is able to confirm personal details in an application. A guarantor is needed for all applicants required to use the Adult General Application form and for all applications for children under the age of 16. G-checks are completed by ESDC employees on applications based on formal risk criteria established by IRCC.  The risk criteria identify factors that can be used to determine whether mandatory G-checks must be performed and when they are recommended.

ESDC Passport Officers currently identify whether a G-check should be performed based on a manual assessment of the file [REDACTED]. The performance of G-checks is assessed as part of quality assurance reviews. According to QAP results for 2014-15, [REDACTED].

Passport Officers perform G-checks by telephone. While general guidance is included in the Passport Policy Manual, [REDACTED]. Of note, [REDACTED]. As such, it was expected that [REDACTED].

[REDACTED].

Currently, there are a number of initiatives underway that may lead to applicant identity authentication control improvements. For example, an electronic authentication control is currently being used by the Passport Program for applicants who present citizenship certificates that were issued on or after February 1, 2012. Electronic validation has proven to be an effective control to support the integrity of source documentation and improve data accuracy.

Finally, ESDC and IRCC have been collaborating on a broader Identity Linkages Project that could support passport modernization initiatives by allowing IRCC officials to have electronic connections to provincial data sources via ESDC's electronic connections with the provinces.

Recommendation 1: The Assistant Deputy Minister of Operations, in consultation with ESDC senior management, should [REDACTED] and that processes and procedures are regularly monitored through the Quality Assurance Program.

Facial recognition system

One control currently in place is for IRCC PIB employees to perform a facial recognition test when a passport application is being processed. Facial recognition technology is used to identify or authenticate identity by matching an applicant’s photograph against the passport database. The Passport Program uses a facial recognition system as part of the integrity measures to verify applicant identity.

The facial recognition software system is a standalone system and is managed by IRCC. The system runs simultaneously with Integrated Retrieval Information System (IRIS) – the main passport processing system. The two systems are not linked and a user has to log in to both systems to obtain information. If the [REDACTED] is partially mitigated by a number of manual controls that may be performed by Passport Officers.

As the Passport Program is assessing the requirements to migrate passport processing from IRIS to the Global Case Management System, there [REDACTED]. Investment decisions related to facial recognition solutions will be considered by IRCC senior management in collaboration with ESDC senior management as part of broader passport modernization initiatives.

Recommendation 2: The Assistant Deputy Minister of Operations, in consultation with ESDC senior management, should [REDACTED].

[REDACTED].

Recommendation 3:  [REDACTED]. 

Quality Assurance Program

The QAP allows for the verification of the quality and completeness of Passport Officer’s processing related to various program elements. These include establishing identity, confirming citizenship, determining eligibility for passport renewal, and determining custody for child passports. The QAP has been designed so that a statistically significant number of passport applications from each Service Canada passport processing office are selected for review. In fiscal year 2014-15, approximately 150,000 applications out of a total of 5 million passports were assessed in accordance with the QAP. Using a random sampling approach, the applications that were assessed were selected across all application types (first passport, adult renewals and children). Applications that undergo QAP assessments are reviewed by teams of Quality Assurance Officers located in each region of Canada, which contributes to process consistency across the service network.

QAP design effectiveness

During the period from April 1, 2013 to March 31, 2015, the monthly processing error rate identified in QAP assessments averaged 10 percent. This processing error rate reflects the percentage of errors that were made during the passport application review process prior to approval or refusal of an application. It does not represent passports released to the public with an error.

A number of key controls designed to detect and prevent errors, such as data verification and a data matching review of passports, are performed after the processing steps are reviewed, and prior to the release of a passport. As such, the QAP results are not a true indicator of an overall passport quality error rate. The final error rate on passports released containing an error, including errors related to applicant eligibility, is not tracked.

The QAP sampling approach in place [REDACTED]. The distribution of applications is randomly generated across the types of passport applications in the QAP population. For example, [REDACTED] 56 percent of all files reviewed (about 82,000) in 2014-15 as part of the QAP, were [REDACTED]. A risk-based approach would optimize available resources devoted to sampling and ensure key areas of the application processing are assessed to maximize the effectiveness of the QAP. It should be noted that passport applications deemed to be higher risk are referred to the IRCC PIB for in-depth secondary review.

Passport Officers are informed in advance when an application file they created in IRIS has been selected for quality review. Informing employees in advance of the review potentially impacts the results since Officers may take more time and process the application with greater scrutiny. In addition, Passport Officers also have the ability to defer the quality review for a subsequent, less complex application.

Use of QAP results

QAP results and recurring processing errors (identified as “top errors”) are regularly reported via a weekly dashboard. Although these dashboards are produced, there is no formal mechanism in place to identify potential improvements based on the QAP top error results. [REDACTED].  

Additionally, individual employee QAP results are not provided to their managers. Managers could use this information to identify individual training gaps, coaching needs, guidance material, or changes required to procedures. The Quality Assurance Officer provides feedback to employees on QAP errors and employees are required to correct them. Given the existing QAP information limitations, some regional passport offices are using alternate information sources to evaluate employee performance.

Improving quality assurance

During the audit examination phase, CPOC officials started an initiative to develop a new PPQMF. CPOC is in the process of developing an implementation plan for IRCC senior management approval. The intention is to evaluate the existing QAP and integrate selected elements into a broader quality management framework.

Recommendation 4: The Assistant Deputy Minister of Operations, in consultation with ESDC senior management should review and revise the Quality Assurance Program approach and methodology to improve oversight and monitoring. Key elements should include: 1) developing a risk-based approach to sample files for review; 2) enhancing the sample selection process used to conduct the QAP assessments of files; and, 3) specifying how QAP results will be used to improve overall processing and individual Passport Officer performance.

Conclusion

Overall, IRCC and ESDC have put effective joint governance and risk management processes in place to support the integrity of Passport Program operations. Existing internal governance structures in each department also include committees responsible for providing oversight and decision-making to support Passport Program integrity.

Passport Program officials have designed several effective operational controls to safeguard passport integrity. While there are a number of internal controls in place to support passport application processing, certain elements of the control framework were not operating as intended. The specific areas where Passport Program integrity controls could be strengthened related to [REDACTED]. Opportunities for improvement were also identified for elements of the QAP to enhance its effectiveness and the use of results data.

Management has accepted the audit findings and developed an action plan to address the recommendations.

Appendix A – Management Response and Action Plan

Recommendation 1

The Assistant Deputy Minister of Operations, in consultation with ESDC senior management, should [REDACTED] and that processes and procedures are regularly monitored through the Quality Assurance Program.

Management Response

Passport Program management accepts this recommendation.

In consultation with ESDC and other relevant stakeholders, the processes and procedures for guarantor verifications [REDACTED] to all appropriate service delivery partners.

[REDACTED].

In order to monitor compliance with this guidance, targeted quality assurance exercises will be developed and integrated into the over-arching Quality Management Framework by end of fiscal 2016-17.

All management action plan items to address this recommendation will be completed by March 2017.

OPI: Assistant Deputy Minister, Operations
Due Date: March 31, 2017

Recommendation 2

The Assistant Deputy Minister of Operations, in consultation with ESDC senior management, should establish an [REDACTED].

Management Response

Passport Program management accepts this recommendation.

In consultation with ESDC and other stakeholders, and appropriate financial, operational and system stakeholders, a commitment will be made to advance the approval and [REDACTED].

[REDACTED] and integrated into the passport module of the Global Case Management System (GCMS) in the context of the ongoing Passport Program Modernization Project. This is scheduled to be completed during Phase 3 of the Passport Program Modernization Project (timing of project deliverables is currently under review).

[REDACTED].

All management action plan items to address this recommendation will be completed by September 2018.

OPI: Assistant Deputy Minister, Operations
Due Date: September 30, 2018

Recommendation 3

[REDACTED].

Management Response

[REDACTED].

OPI: [REDACTED]
Due Date: [REDACTED]

Recommendation 4

The Assistant Deputy Minister of Operations, in consultation with ESDC senior management should review and revise the Quality Assurance Program approach and methodology to improve oversight and monitoring. Key elements should include:

1. developing a risk-based approach to sample files for review;
2. enhancing the sample selection process used to conduct the QAP assessments of files; and
3. specifying how QAP results will be used to improve overall processing and individual Passport Officer performance.

Management Response

Passport Program management accepts this recommendation.

In consultation with ESDC and other stakeholders, the Quality Assurance Program will be reviewed and amended as required in order to improve oversight and monitoring. In support of this commitment, the current QAP approach is being reviewed as part of the development of a more broadly scoped Quality Management Framework (QMF).

The key elements included in the review are:

1. The sampling structure of the current QAP will be reviewed to propose a more risk-based approach by moving away from a general percentage sample size towards statistically valid sampling of specific application types.
   Through the QMF, mechanisms will be put in place to ensure trends, areas of concern and risks are integrated and fed into the development of targeted exercises.
2. The sample selection process whereby Passport Officers are advised in advance that their file was selected for QAP, (and can defer the review to a less complex application) will be reviewed.
3. As part of the QMF, a Continuous Improvement Process will be developed, including tracking and communication tools, to ensure QMF results will be used to improve overall processing.

IRCC will explore the feasibility of using the QAP results for individual Passport Officer performance.

All management action plan items to address this recommendation will be completed by March 31, 2017.

OPI: Assistant Deputy Minister, Operations
Due Date: March 31, 2017