Follow-up Audit of CRA Contracting Processes
Corporate Audit and Evaluation Branch
November 2006
Table of Contents
Executive Summary
The Internal Audit Division, Corporate Audit and Evaluation Branch (CAEB), completed a National Internal Audit of Contracting Processes in September 2004. Significant inconsistencies in the application of procurement policies, procedures, and practices were found in the regions and headquarters branches, which resulted in a high level of non-compliance. Weaknesses in the management framework such as inadequate policy direction, insufficient training, a lack of common understanding of delegation of authorities and agreement on accountabilities, responsibilities and priorities and ineffective monitoring of procurement activities failed to ensure that acquisitions were carried out in a transparent, equitable and cost effective manner.
The Administration Directorate (AD) of the Finance and Administration Branch (F&A) developed a 4-point action plan to address the recommendations from the Audit. Measures identified in the plan included changes to delegated authorities, increased training and improvements in communication, the development of contracting tools, and increased oversight by senior management.
Objective : The objective of this audit was to follow-up on the progress of the implementation of the action plans developed from the National Internal Audit of Contracting Processes reported in September 2004 and to report on the level of compliance with the Agency's procurement policies, procedures, regulations, and legislation.
The follow-up audit covered the period from September 2004 to June 2005 and was conducted in 2005-2006. The methodology included a review of management action plans as well as a detailed test of transactions to determine compliance. It should be noted that this was a transitional period for the contracting function, with several management and process improvement initiatives that were in progress at the time, and for which the impacts could not be fully assessed as part of this follow up audit.
This audit was conducted in accordance with the International Standards for the Professional Practice of Internal Auditing.
Conclusion: Overall, the progress made on the implementation of the 4-Point Action Plan has been satisfactory. The capacity in the Agency to manage the contracting process has been enhanced, delegated authorities are no longer decentralized, and communications to contracting officers and budget managers to support them in carrying out their responsibilities have improved. Progress has been slow with some aspects of quality assurance and monitoring.
The table on page 3 provides more details on the progress on the 4-Point Action Plan.
Based on the review of the statistical sample of 273 contracts, the audit found that 82% of the contracting files were in compliance with the Agency's contracting policies. This is a significant increase over the results from the previous audit when only 44% of files were found compliant. While additional improvements are required in order to further improve the compliance rate, it should be noted that since the follow-up audit, the AD has taken steps to remove delegation from regions and centralize regional procurement activities in a single centre. The effectiveness and timing of this recent action taken in April 2006 was outside of the review period of the follow-up audit.
Action Plans: The Administration Directorate (AD) and the Financial Administration Directorate (FAD) of the Finance and Administration Branch (F&A) agree with the recommendations and have provided action plans to address the findings of the audit and to further strengthen the contracting process in the Agency.
The AD plans to expand its monitoring efforts by increasing resources to support the quality assurance reviews and other monitoring activities, and will follow up on instances of non-compliance with contracting policies and procedures. The AD will continue to remind the staff of the importance of having complete documentation on file. The AD has also indicated that they will follow up on instances where payments without reference have been made for purchases, and have taken steps to improve on the accuracy of the Agency's report on disclosure of contracts.
The AD will also develop more hands-on training for contracting officers, and will continue to support the contracting community by holding the monthly conference calls and videoconferences, and by issuing guidance documents (The Advisor) on the Agency's Intranet site. A training profile was developed for the Contracting Officers who support regional contracting needs through the new Centre of Professional Services established in April 1, 2006, in Laval, Quebec. The AD has also developed in fiscal year 2005-2006 a draft procurement training profile based primarily on the Treasury Board Certification Program for Procurement, Materiel Management and Real Property. A draft of the training framework for procurement has been developed and will be presented to the Directorate senior management by end of November 2006. Finalization is expected by quarter four of 2006-2007.
Table 1 – Summary of the Progress on the 4-Point Action Plan
| 4-Point Action Plan Commitments - 2004 | Rating | Follow-up Audit Findings - 2006 |
|---|---|---|
| 1. Enhancing the capacity in branches/regions to manage contracting process | ||
| Review and address the capacity in HQ branches and regions to manage the contracting process through the implementation of a standard organizational model. |  |
Regional re-organization of procurement activities was completed in August 2004. All of the regional procurement activities were centralized in April 2006 into one centre of professional services for contracting. (pp. 5-6) |
| Remove the contracting authority from budget holder and place with employees with contracting expertise. | |
Employees with delegated procurement authority reduced in September 2004 from 1100 to 100. Procurement officers are now primary holders of these authorities. (p. 5) |
| Revise the contracting delegation matrix to ensure segregation of duties (budget holder/contracting officer/finance officer). | |
CRA contracting delegation matrix revised effective August 31, 2004. New roles and responsibilities were widely communicated at the time and Service Level Agreements have been established between AD and the program areas that no longer have contracting authorities. (pp. 6-7) |
| 2. Improving training and communications | ||
| Improve the training and communications to support contracting officers and budget managers. |  |
CRA's “Procurement Place” on Infozone regularly updated by the Administration Directorate (AD). Monthly videoconferences held by AD with HQ and regional procurement officers. Budget managers must complete an online test to obtain Financial Administration Act Section 34 signing authority. (p. 8)No formal training framework has been implemented for procurement officers. Limited training for procurement officers given on contracting during the audit period. (p. 8) |
| 3. Developing tools to improve contracting practices | ||
| Promotion of E-procurement and acquisition cards for a range of commodities and for large contract standing offers available. | N/A | This specific action has not been included in the scope of this audit and will be covered by a specific internal audit, which commenced in 2006-2007. |
| Improvements to Corporate Administrative Systems (CAS) | |
No material errors were found in CAS procurement data. CAS procurement roles have been reviewed and actions taken to remove unauthorized users. AD needs to continue to review the assignment of CAS roles. (p. 9) |
| Enhance monitoring and quality assurance (QA) frameworks and practices | |
Additional resources for the QA and monitoring function are still required to fully meet operational needs. Some improvements to the scope and nature of reviews have occurred, and the results of the audit of contracting files suggest a significant increase in the levels of compliance. (p.10) |
| 4. More effective corporate oversight | ||
| Regular reporting to the Commissioner and the Agency Management Committee (AMC) on contracting issues and contract awards over $1 Million. | |
The Commissioner and AMC have received reports on contracting as required. A notification is drafted on a weekly basis for AMC with a brief summary of the contracts estimated at $1 Million or more. Improvements to the accuracy of reporting are needed, such as in the Disclosure report. (pp. 11-12) |
| The Information Technology Procurement Strategy Committee (ITPSC) will review all contracts with potential risk and/or values over $1 Million. | |
The ITPSC meets on a regular basis to review Agency contracts. F&A Branch Management Committee (BMC) chaired by the Agency's Chief Financial Officer (CFO) meets on a regular basis to review any large non-IT related contracts. (p. 11) |
Rating Legend:
Action fully completed
Satisfactory progress to date
Unsatisfactory progress to date
X No action taken
N/A Not applicable
Introduction
The Internal Audit Division, Corporate Audit and Evaluation Branch (CAEB), completed a National Internal Audit of Contracting Processes in September 2004. Significant inconsistencies in the application of procurement policies, procedures, and practices were found in the regions and headquarters branches, which resulted in a high level of non-compliance. Weaknesses in the management framework such as inadequate policy direction, insufficient training, a lack of common understanding of delegation of authorities and agreement on accountabilities, responsibilities and priorities and ineffective monitoring of procurement activities failed to ensure that acquisitions were carried out in a transparent, equitable and cost effective manner.
The Administration Directorate (AD) of the Finance and Administration Branch (F&A) developed a 4-point action plan to address the recommendations from the Audit. Measures identified in the plan included changes to delegated authorities, increased training and improvements in communication, the development of contracting tools, and increased oversight by senior management.
Focus of the Follow-up Audit
The objective of this audit was to follow-up on the progress of the implementation of the action plans developed from the National Internal Audit of Contracting Processes reported in September 2004 and to report on the level of compliance with the Agency's procurement policies, procedures, regulations, and legislation.
The audit covered the period from September 2004 to June 2005, during which time the overall value of contracting [Footnote 1] activities managed by the Agency was $236 million. The examination phase was conducted in 2005-2006. The methodology included a review of management action plans as well as detailed testing of transactions to assess compliance. Interviews were conducted with selected budget managers and contracting staff in the Pacific, Ontario (south), Québec, and Atlantic regions, and in all branches in Headquarters.
It should be noted that this was a transitional period for the contracting function, with several management and process improvement initiatives that were in progress at the time, and for which the impacts could not be fully assessed as part of this follow up audit.
E-procurement, the Web Based Rapid Order (WBRO) system, and the use of acquisition cards were not included in the scope of this follow-up audit. They will be the subjects of a specific audit included in the CAEB Business Plan for 2006-2009.
This audit was conducted in accordance with the International Standards for the Professional Practice of Internal Auditing.
Findings, Recommendations, and Action Plans
A. Progress on Implementing the 4-Point Action Plan
The 4-Point Action Plan is summarized as follows:
1. Enhancing the capacity in branches/regions to manage the contracting process – organizational model;
2. Improving training and communications;
3. Developing tools to improve contracting practices; and
4. Implementing more effective corporate oversight of the contracting processes.
Since September 2004, progress has been achieved on a number of measures in the action plan. The Administration Directorate (AD) has the responsibility of ensuring that the 4-Point Action Plan is implemented. A Business and Field Re-engineering Report, listing a number of activities, is prepared monthly, and it is submitted to the Director General of the AD and the Assistant Commissioner of the Finance and Administration Branch (F&A). However, monitoring of the progress of each element of the action plan has been incomplete and not clearly structured. In addition, the AD did not establish performance indicators to measure or report on the progress, nor have they measured the effectiveness of the actions taken to support the 4-Point Action Plan by way of assessing the compliance.
Recommendation
The AD should ensure that there is a mechanism in place to measure and report on the progress of the 4-Point Action Plan, and the effectiveness of the actions taken in improving the compliance of CRA's contracting activities with policies and procedures.
Action Plan
In March 2006, the Business and Field Re-engineering Report was revised to include additional information such as contracting statistics and procurements approved by the Information Technology Procurement Strategy Committee and the F&A Branch Management Committee.
1. Enhancing the Capacity in the Branches/Regions to Manage the Contracting Process – Organizational Model
Roles and responsibilities
Effective August 31, 2004, a limited number of CRA employees kept their procurement delegated authorities with the number decreasing significantly, from over 1100 to about 100. The designated procurement specialists (DPS) in each region are the primary holders of delegated procurement authorities, as well as some senior managers based on the delegation of procurement authority of their respective region or branch.
The delegated procurement authority thresholds were reduced from $100K to 25K for goods and from $200K to $89K for services. This change affected all regions, and four headquarters branches. The AD took over the full responsibility for contracting of goods and services for the remaining seven headquarters branches.
The changes effected in August 2004 were widely communicated through a memorandum to Senior Management and specific training sessions for all budget managers and employees involved in procurement across the Agency. This material was also incorporated into the EX-SM training program. Several policies and guidance documents (The Advisor) were revised and have been published since September 2004 to clarify procedures and expectations for managing contracts.
Through interviews, procurement staff indicated they clearly understood their roles and responsibilities. Budget managers indicated that they did not fully understand their respective procurement roles and responsibilities. Similar concerns were also raised in the previous audit. Some budget managers commented that they had approached a vendor directly to discuss contractual matters prior to initiating a formal contract (such as obtaining a quote, details of goods/services to be provided, etc.) without involving procurement officers. This practice may present potential risks to the Agency, as the manager may have unknowingly entered into a verbal contract.
In October 2005, the AD made further changes to its organizational structure and undertook to reorganize and centralize the regional procurement activities into one centre of procurement expertise in Laval, Quebec. This action was taken to further enhance the governance framework and accountabilities and to increase consistency in the contracting activities.
Recommendation
The AD should continue to provide awareness and training sessions for budget managers to clarify the roles and responsibilities with respect to contracting.
Action Plan
To support budget managers in becoming aware of their respective roles and responsibilities with respect to contracting, the AD continues to participate in the Management Group Learning Program and is currently contributing to the development of the sessions to be given to regional managers early next fiscal year. Also, the AD's Web site has been enhanced in fiscal year 2005-2006 to provide a Manager's Corner for budget managers for easy access to contracting information. In May 2006, the AD developed the budget manager's “Guide to Procurement”, which walks budget managers through the contracting process and explains their roles and responsibilities related to each phase. The AD has also struck a review committee to maintain the Guide and to develop a list of frequently asked questions (FAQs).
Service to Clients
Since the Administration Directorate has taken over full responsibility for contracting of goods and services for the seven headquarters branches as well as for transactions above the delegated thresholds for the regions, there was a need to provide clarity of roles, responsibilities, and expectations of services. Therefore, one of the AD's actions noted in the 4-Point Action Plan was to establish Service Level Agreements (SLAs).
Starting in September 2004, the AD established the SLAs with the seven headquarters branches. These SLA terms were explained to all HQ branch representatives and to AD staff through communiqués, face-to-face meetings and presentations. In addition, the AD met on an ongoing basis with SLA client representatives to discuss procurement issues and potential upcoming requirements. The AD has also developed procurement service standards that were made available on the CRA's Intranet.
However, the majority of the budget managers interviewed from these branches indicated they were not aware of the formal SLAs between their branch and the AD or of the service standards. None of the SLA documents were available in both official languages. Where regions and branches kept limited procurement delegation, no formal SLAs have been established.
Some budget managers voiced concerns that they were not satisfied with the level of service being provided, e.g., contracts not being prepared by the procurement staff in a timely manner and not providing enough information. In fiscal year 2005-2006, the AD implemented a client satisfaction survey.
Recommendations
The AD should establish formal SLAs with the regions and branches that have limited delegation to support their complete contracting needs.
The AD should continue to monitor client satisfaction with the level of service provided and take measures, as required, to ensure an effective client working relationship.
Action Plans
For regional service delivery, our service levels and roles and responsibilities were communicated informally to regional representatives. Once the Laval Centre of Professional Services for Regional Contracting is fully functioning in early 2007, formal SLAs for its service delivery will be established. Negotiations of SLAs with remaining HQ branches are currently ongoing.
Since 2004-2005, the AD's ongoing discussion with SLA client representatives and with the regions resulted in numerous changes to its services model. For example, a review and implementation of a streamlined approach for low-dollar procurement is now underway.
2. Improving Training and Communications
One of the key commitments in the 4-Point Action Plan was to improve training and communications and to develop specific training profiles for procurement officers.
Since the September 2004 audit, revisions have been done on the procurement portal of CRA's Intranet site and training has been offered. Monthly videoconferences were held with procurement staff to discuss emerging issues related to contracting in the Agency and to communicate upcoming changes to procedures. The majority of formal training sessions offered to procurement staff have been on the use of acquisition cards and Web Based Rapid Order (WBRO) system training. A limited number of training sessions were provided on contracting as some of the sessions were put on hold pending the regional reorganization and the centralization of the procurement function in Laval, Quebec.
All interviewees commented on the need for better training on Corporate Administrative System (CAS) as the training modules are not user friendly nor do they cover all aspects of daily operations to support input of contracting information. Interviewees also expressed that CAS training has not been well integrated. Limited monitoring has been carried out by the AD to make certain those individuals that require training are identified and provided with this training in a timely manner. At the time of the audit, the AD did not have a formal training plan, or specific training profiles for procurement staff.
The original audit found that some managers who only had financial signing authority (section 34 of the Financial Administration Act (FAA)) mistakenly signed purchase orders and/or contracts. Since the audit, a new process has been put in place by F&A that requires all new budget managers to complete an online training exercise before they are granted the FAA signing authority and delegation.
Recommendations
The AD should develop and communicate training profiles for all procurement staff. The AD should also offer training that meets the needs of the procurement officers.
Action Plans
A training profile was established in early fiscal 2006 for those contracting officers who will support the regional contracting needs in the Centre of Professional Services for Contracting in Laval. Training activities began early in 2006-2007.
The AD has developed a draft purchasing group (PG) training profile based primarily on the Treasury Board Certification Program for Procurement, Materiel Management, and Real Property. A draft of the training framework for procurement has been developed and will be presented to Directorate senior management by end of November 2006. Finalization is expected by quarter four of 2006-2007.
Developing Tools to Improve Contracting Practices
3. Developing Tools to Improve Contracting Practices
CAS
The September 2004 audit recommended that the AD actively explore the availability and acquisition of computer software that could be used in ongoing monitoring of procurement activities and that would permit timely analysis of CAS data and the identification and targeting of questionable transactions.
A contract for an integrated spend management (ISM) tool was awarded in September 2006. Implementation of the tool has begun and is expected to be completed within the next 18 to 24 months. The AD expects the implementation of this new tool will further streamline the procurement process and will improve monitoring and reporting of contract administration.
System Controls
The previous audit recommended that specific CAS roles, such as role 24(acquisition of goods and services), 25 (request goods and services), and 26 (approval of requisition), be reviewed to ensure that procurement responsibilities are appropriately segregated. Furthermore, the audit recommended that the Business Process Ownership of CAS role 26 be re-examined by the F&A Branch to ensure that management responsibilities for this role in CAS be aligned with the correct functional authority in the Branch.
There has been a significant improvement in the assignment and monitoring of CAS roles to ensure appropriate segregation of duties with respect to procurement responsibilities. The audit found that actions had been taken to remove procurement related roles from users who no longer required them.
Ownership of CAS role 26 has been assigned to the FAD. In December 2005, the FAD issued a memorandum to Agency Management Committee members advising them that this role would only be given to budget managers. The change should address issues concerning the assignment of the role and the segregation of duties.
Recommendation
The AD, in collaboration with the FAD, should continue to review CAS role holders to ensure that only those who require the roles have been assigned them.
Action Plan
The AD is currently participating in the CAS Security Role Review Project, which will outline how the AD will manage the roles for which it is the Business Process Owner. This initiative will ensure a monitoring process is in place and functioning as required. Role 24 will be used as a pilot by the AD and development of the process is currently underway. The AD anticipates completion by the end of fiscal year 2006-2007.
Monitoring
In September 2004, the F&A Branch committed to put measures in place to ensure tighter management of the contracting process and to enhance current monitoring and quality assurance frameworks. It was expected that the Compliance and Business Practices Division (CBPD) of the AD would expand its monitoring activities and finalize the Quality Assurance Program. F&A also committed to report on results of monitoring activities to senior management.
During 2005-2006, 228 QA reviews were conducted across the Agency by the CBPD. The CBPD indicated 60 contract files over $500K were reviewed at the Pre-award stage. Specific documentation was reviewed, such as Request for Proposal, approval documents, sole source justification, award dates, and bid evaluation. For Post-Award contracts, a total of 168 files were reviewed. The files were selected randomly. Contract clauses, file documentation, and procurement delegation approvals were the main issues reviewed. The deficiencies were noted within the individual file and the results of the review were then discussed with the delegated procurement specialist (DPS) and forwarded to the respective manager. Some potential trends are reported to AD management, such as additional training requirements or where policy revisions may be warranted.
The QA monitoring results were not rolled up in a summary document. No conclusions were drawn on the entire file population, nor was there an overall assessment of the results. This information could assist senior management in reporting on the effectiveness of actions taken concerning contract administration, and to make a determination of the overall compliance rate of contracting activities within the Agency.
The Contract Quality Assurance Program (QA) has not been fully implemented but it has been expanded to cover high-risk areas, such as purchases of software and contractors' liability. QA and compliance functions are conducted through a variety of activities under the overall QA framework. This includes reviews of After-the-Fact (ATF) contracts (i.e. contracts concluded after the actual procurement transaction occurred), disclosure reporting, acquisition card transactions, and high risk strategic sourcing.
The QA Program could be further enhanced to include other risk areas, such as task authorizations against the Information Technology Professional Services Supply Chain (ITPSSC) as they do not form part of the post-award QA monitoring process. Proper monitoring of the procurement process is essential to provide timely and adequate assurance that contracts comply with policy requirements.
Information is gathered monthly by the AD on contracts awarded and validated with the DPS in the branches and regions. This information is then used to generate various reports for Senior Management, e.g., the Disclosure Report, Quarterly Report for the Commissioner, and, finally, the Core Report, which is sent to the Treasury Board Secretariat. These reports provide information on all contracts that have been awarded by the Agency, as well as meet the legislated reporting requirements.
Recommendation
The AD should finalize and fully implement their QA framework, including the development of a more robust risk assessment model.
Action Plans
Roles and responsibilities were established for each review process and a post contract award review process was established for all commodities considered to be sensitive such as software and contracts limiting a contractor's liability, and ITPSSC. Centralization of regional files in Laval should enable a more focused and responsive monitoring process.
In 2006, a QA monitoring tool is being developed to assist in the recording and reporting of pre and post contract award reviews. This will ensure timely and constructive feedback to contracting officers. The post award review process, part of the QA Program, will include a review of the contract file, CAS data, Contract Disclosure Report, and the Payment Without Reference Report. The tool is currently in place and awaiting user testing before implementation in quarter four of 2006-2007.
4. Implementing More Effective Corporate Oversight of the Contracting Process
After the 2004 audit, a commitment was made by AD management to provide more regular reports to the Commissioner and the Agency Management Committee on contracting issues and contract awards. The follow-up audit found reporting mechanisms were in place to report on contracting activities in the Agency. Various reports are being tabled at Senior Management committees when required. A weekly contract award summary is sent to inform the Assistant Commissioner (AC), F&A Branch, of any contract awards over $1 Million. This information may be communicated to the Commissioner and Agency Management Committee (AMC) at the AC's discretion.
During fiscal years 2004-2005 to 2005-2006, the Agency's Information Technology Procurement Strategy Committee convened on a regular basis to discuss and approve high-risk and/or contracts over $1 million related to information technology. Similarly, non-IT related contracts over $1 million were regularly discussed and approved at F&A Branch Management Committee meetings.
In August 2005, the AD requested information from branches and regions on all ATF contracts of more than $10,000. This information is rolled up quarterly in a summary report for the Commissioner. Procurement officers interviewed said they would benefit from receiving more information about ATF contracts, such as these quarterly reports, so they could determine where improvements need to be made to reduce occurrences.
Following a government announcement on March 23, 2004, a new policy required the mandatory publication of contracts over $10,000, with limited exceptions. The Agency's Web site is updated quarterly to report on new contracts awarded. This report, called the Disclosure Report, is also sent to the Commissioner.
A test was performed, as part of the follow-up audit, to determine if all contracts were disclosed in compliance with the new disclosure policy. Based on the analysis performed of all contracts awarded between September 2004 and June 2005, 39 contracts with a total value of over $3 million had not been disclosed. Detailed information was provided to the AD during the audit for further investigation.
Recommendation
The AD should improve their controls to ensure the CRA accurately discloses and reports all contracts over $10,000 on its Web Site.
Action Plans
In the first quarter of 2006-2007, the AD proposed changes to the current process that will rectify many of the missed transactions. The AD has included the review of the contract disclosure report as part of its post contract award review process. This will provide a random validation of whether or not the contract was to be disclosed and if it formed part of the report. At the same time, the AD also clarified the requirements in the call letter for disclosure validation that should eliminate the source of the discrepancy. ITB now provides the AD with detailed reports that will allow analysis and matching of information and prevent missing transactions.
B. Compliance with Policies, Procedures, Regulations, and Legislation
To assess the effectiveness of the actions implemented since the last audit, the follow-up methodology included a review of contract files to determine if contracting transactions were in accordance with the Agency's procurement policies, procedures, regulations, and legislation and if the required information on file was complete.
Following policies and procedures is a fundamental part of ensuring that value is achieved for the investment in contracts. As in the original audit, the focus of the follow-up was therefore on assessing the extent of compliance with the basic rules in place for contracting rather than assessing whether the Agency received value for money in individual procurement transactions. Furthermore, while the follow-up audit assessed whether appropriate documentation of the receipt of goods and services was on file, it did not go to the extent of physically verifying whether goods and services had been received as this was not determined to be of high risk for the follow-up audit.
Audit Command Language (ACL) software was used to download and analyze procurement transactions from CAS, as well as generate a statistically valid, random sample of 273 transactions for review. Another analysis was also performed of higher risk contracts such as potential contract splitting transactions or non-compliance with delegated authorities. Contract splitting is the practice of unnecessarily dividing an aggregate requirement into a number of smaller contracts, thereby avoiding a competitive process or contract approval authorities. Recommendations resulting from the file review have been grouped at the end of this section of the report.
Results of Sample Testing
Based on the review of the statistical sample of 273 contracts, the audit found that 82% of the contracting files were in compliance with the Agency's contracting policies; this is a significant increase over the results from the previous audit when only 44% of files were found compliant. Details of the audit test findings can be found in Appendix A. The value of the contracts found to be non-compliant is not material.
Contracting files generally had better documentation to support compliance and the appropriateness of the contracting activities. Significant improvements were noted on the documentation of the justifications for solicitation procedures and for contract amendments. However, the percentage of after-the-fact contracts only slightly decreased from 7% to 6% since 2004. This percentage continues to be significant as these transactions expose the Agency to greater risks of liability.
While the majority of data for procurement transactions tested had been entered into CAS accurately and completely, the audit identified some occurrences where the solicitation procedure was coded incorrectly. These errors in coding can result in inaccurate reporting of contracting activities.
Targeted audit tests were carried out on 49 high-risk files to determine the extent of compliance with legislation, and Agency policies and practices. One of the purposes of the test was to determine instances of contract splitting. The audit concluded that a total of 6 contracts (12% of the targeted population for a total value of $74,000) were kept below the threshold to avoid competitive procurement processes.
The follow-up audit was not designed to specifically uncover fraud but auditors were alert to this as a potential risk and exercised due care in the completion of audit testing. No cases of fraud were identified in the sample of contracts selected as part of the follow-up audit.
The follow-up audit tests also identified other key risk areas where increased monitoring and supporting documentation is required to support the contracting process. These areas are the Information Technology Professional Services Supply Chain (ITPSSC), employer/employee relationships, and payments without reference.
- Information Technology Professional Services Supply Chain (ITPSSC)
In 2000-2001, the Agency initiated the ITPSSC procurement strategy to support program managers to quickly obtain preferred IT vendors at pre-negotiated fixed rates in the National Capital Region. A one-time competitive tender process was undertaken to award contracts to the preferred vendors who can provide specific services within one of the unique Streams (e.g., IT Architecture, Project Management). To support the selection of a specific vendor from the list, the ITPSSC guidelines state budget managers are required to provide a statement of work (SOW) to clearly define their requirements.
Key observations with respect to the targeted samples reviewed in the audit were:
- 27/35 (77%) contracts examined did not have a clear SOW with specific deliverables, nor deadlines nor a work description, as per the SOW template and guidelines posted on the AD's InfoZone;
- 24/35 (69%) contracts examined did not have any rationale to support the choice of the specific consultant (i.e., there was no documented evidence on file of any selection criteria or ratings completed of the selected contractor to show this step was performed to justify the selection made against other possible contractors).
Without a clear Statement of Work (SOW) document and supporting rationale to justify the choice made for a specific consultant, it is difficult to determine if the terms and conditions of the contract have been met, or if the budget manager has followed the Agency's contracting requirements.
- Employer/Employee Relationship
Situations were identified where contractors had been working in the Agency on contract on a continuing basis for a number of years. There is a potential risk of an employer-employee relationship being established.
- Payments Without Reference
Payments without reference (PWR) occur when goods or services are processed outside of the recommended procurement process or without a reference to a purchase order in CAS. The AD issued a bulletin (Advisor #69) in July 2005 defining the appropriate procedures to follow regarding these expenses. While some payments without reference are acceptable (such as payments for utilities), others could present a legal or financial risk to the Agency, as there is no written contract in place.
The audit included a review of 55 PWR with a total value of $289,000 between September 2004 and June 2005. There was limited rationale found in the documentation to support why these payments were not processed within the normal procurement procedures. While the dollar value is not material, these transactions were not monitored by the AD to ensure that they did not present risks for the Agency. For example, the audit found an instance where a PWR was used to avoid complying with thresholds for competitive procurement processes. Management was informed of these non-compliant transactions.
As an example of a good practice, since September 2004, the Atlantic region has been closely monitoring PWR and they have been able to address situations of non-compliance and promote adherence with the contracting policies. This mechanism has effectively reduced the number of non-compliant PWR in the region.
Recommendations
The AD should ensure procurement staff maintain complete and accurate procurement files, including appropriate justification and documentation to support the selection of specific suppliers. The mandatory use of a Procurement Summary or similar document on the procurement file would promote completeness and consistency of file documentation.
The AD should follow-up on cases where delegated procurement authorities were not respected and take appropriate corrective measures to prevent reoccurrence, as necessary.
The AD should provide procurement staff with guidelines concerning the proper coding of specific solicitation procedures.
The AD, in collaboration with FAD, should put a mechanism is place to monitor payments without reference and ensure they are in compliance with Advisor #69.
Action Plans
The AD will continue to provide training related to Advisor #72 (file documentation) in all of its training sessions and will send a reminder to the procurement community regarding the importance of maintaining accurate and complete file documentation in accordance with Advisor #72.
The AD has provided contracting officers with a summary of common coding errors to ensure consistency and enhance contracting data. This information is gathered through the monthly review of contracting data to support the Contract Disclosure Reporting process. This has resulted in a significant improvement in CAS coding.
Under the ITPSSC, several changes have been made since November 2005 to practically eliminate the issues raised during this audit. SOWs are being scrutinized by a dedicated AD resource and enhanced to assure we obtain value for money. In addition, proposed resources under the ITPSSC process are first being verified by the ITPSSC team to ensure the minimum qualifications are met before the client has an opportunity to assess the resource.
Concerns over the employer /employee relationship under certain contracting activities continue to be monitored and addressed with clients. SOWs are scrutinized, communiqués are sent to client organizations as an annual reminder (i.e., ITB) and we continue to work with clients in looking for options to acquire certain services by investigating other avenues. The AD has also recently revised and will distribute/publish a template letter that cautions project managers against developing an employer-employee relationship with contractors. HRB will be consulted with respect to how these situations should be handled in the future and who would be the Office of Primary Interest (OPI) for informing client organizations taking appropriate actions.
The AD is in the process of reviewing the After-The-Fact Contracting Directive and will consider changes to strengthen how the AD deals with cases where delegation of authorities is not respected. Revisions will be made to the Directive based on the results of the review.
Since the initial contracting audit, the AD has had on-going dialogue with FAD related to payments being made without reference to a contract. Progress has been made in this area. The AD agrees with the need to establish a mechanism to address PWR. Monthly reports are currently being generated and reviewed to identify commodities that should have been dealt with through the contracting process. AD will work with FAD to establish the monitoring and reporting process in quarter four of fiscal year 2006-2007. The E-Business Officer function will be responsible for this monitoring activity, which will ensure a national coverage.
Conclusion
Overall, the progress made on the implementation of the 4-Point Action Plan has been satisfactory. The capacity in the Agency to manage the contracting process has been enhanced, delegated authorities are no longer decentralized, and communications to contracting officers and budget managers to support them in carrying out their responsibilities have improved. Progress has been slow with some aspects of quality assurance and monitoring.
Based on the review of the statistical sample of 273 contracts, the audit found that 82% of the contracting files were in compliance with the Agency's contracting policies. This is a significant increase over the results from the previous audit when only 44% of files were found compliant. While additional improvements are required in order to further improve the compliance rate, it should be noted that since the follow-up audit, the AD has taken steps to remove delegation from regions and centralize regional procurement activities in a single centre. The effectiveness and timing of this recent action taken in April 2006 was outside of the review period of the follow-up audit.
The Administration Directorate (AD) and the Financial Administration Directorate (FAD) of the Finance and Administration Branch (F&A) agree with the recommendations and have provided actions plans to address the findings of the audit and to further strengthen the contracting process in the Agency.
Appendix A: Summary of File Review – Statistical Sample
| Criteria (as reported in the previous audit) | Less than $5K | $5K to $25K | $25K & up | Total # Files | Total % Files | Previous Audit Result (# of files) | Previous Audit % | Improvement Over Previous Audit |
|---|---|---|---|---|---|---|---|---|
| Total files reviewed | 40 | 120 | 113 | 273 | — | 321 | — | — |
| Total files in compliance | 31 | 96 | 96 | 223 | 82 % | 140 | 44 % | 38 % |
| Total files in non-compliance | 9 | 24 | 17 | 50 | 18 % | 181 | 56 % | 38 % |
| Level of Compliance with Policies, Procedures, Regulations and Legislation | ||||||||
| Key Documents | ||||||||
| 1. File available for review | 40 | 120 | 113 | 273 | 100 % | 303 | 94 % | 6 % |
| 2. Signed purchase order or contract on file | 39 | 115 | 112 | 266 | 97 % | 267 | 83 % | 14 % |
| 3. Solicitation procedure clearly documented (e.g., evidence of tendering, sole source justification). | 36 | 112 | 110 | 258 | 95 % | 249 | 78 % | 17 % |
| 4. Amendment record/justification on file – only 97 files had amendments | 9/9 | 28/34 | 49/54 | 86/97 | 89 % | 44/103 | 43 % | 46 % |
| Delegated Procurement Authorities | ||||||||
| 5. Document signed by persons with a sufficient level of procurement delegation | ||||||||
| A. Purchase order or contract | 33 | 112 | 106 | 251 | 92 % | 265/321 | 83 % | 9 % |
| B. Contract amendment – only 97 files had amendments | 8/9 | 27/34 | 46/54 | 81/97 | 84 % | 87/103 | 84 % | 0 % |
| After-the-Fact Agreements | ||||||||
| 6. PO created after the delivery date | 4 | 9 | 3 | 16 | 6 % | 22 | 7 % | 1 % |
| Contract Thresholds | ||||||||
| 7. Contract thresholds respected e.g., sole sourcing, trade agreements | 40 | 118 | 112 | 270 | 99 % | 311 | 97 % | 2 % |
** These results are based on CAS and hard-copy file review. The samples were drawn from the population of contracts in the 10-month period from September 1, 2004 to June 30, 2005, based on a 90% confidence level, +/- 5.
Footnotes
- [Footnote 1]
- For purposes of this report the words contracting and procurement are used interchangeably.
Page details
- Date modified: