Skip to main content
Open this photo in gallery:

A person holds a smartphone set to the opening screen of the ArriveCan app in a photo illustration made in Toronto on June 29, 2022.Giordano Ciampini/The Canadian Press

An investigation of ArriveCan spending has found outsourcing companies repeatedly won contracts by listing subcontractors who ultimately did no work, one of many findings that led the federal procurement ombudsman to conclude contracting rules were not followed.

The report specifically singles out contract work by two-person IT staffing company GCStrategies, saying the company frequently failed to prove that its proposed team of subcontractors had the résumés and work experience required.

The watchdog found “numerous examples” where GCStrategies “had simply copied and pasted” the required work experience listed by the government in a points grid to describe the skills and experience of the company’s proposed subcontractors.

The report questions why the government used criteria that “were overly restrictive and favoured” GCStrategies, resulting in the company winning a competition for a $25-million general IT services contract after no other bids were submitted.

The report by Procurement Ombudsman Alexander Jeglic is the first of what is expected to be several findings from various watchdogs, committees and government departments into how the cost to build and maintain the app for cross-border travellers came to exceed $54-million. The Office of the Procurement Ombudsman (OPO) released the report Monday as parliamentary sittings resumed.

The report provides a sense of some of the issues that are likely to be described more broadly on Feb. 12, when Auditor-General Karen Hogan releases her report into contracting issues related to ArriveCan.

The House of Commons requested the Auditor-General’s ArriveCan audit in a 174-149 vote over a year ago, shortly after The Globe and Mail first reported on the app’s growing cost and the federal government’s heavy reliance on outsourcing.

The procurement watchdog review examined 41 ArriveCan-related procurements. In many cases, the ArriveCan work was conducted through a Task Authorization (TA), essentially a carve-out for a specific job, tied to larger contracts for general IT services.

The report says the system is designed so that companies bidding on government work submit proposals describing the skills of specific individuals, referred to as resources, who would be subcontracted to perform the required tasks. In this points-based system, listing more experienced and qualified subcontractors increases the odds of winning the contract.

“In roughly 76 per cent of applicable contracts, resources proposed in the winning bid did not perform any work on the contract. When TAs were issued under these contracts the supplier offered up other resources, but not the individuals that had been proposed in order to win the contract. While it is recognized that there may be legitimate reasons for some proposed resources being unavailable, the number of times it occurred and the absence of file documentation explaining why these resources were not made available raised serious concerns with these contracts,” the report states.

Mr. Jeglic also sharply criticized the government’s public disclosure policies related to contracting, pointing out that 41 per cent of the ArriveCan-related contracts were not fully disclosed online as required.

“As discussed throughout this report, OPO found practices for awarding competitive and non-competitive contracts, for issuing TAs and service orders, and for proactive publication of contract information that were inconsistent with government policy and that threatened fairness, openness and transparency for government procurement,” the report concludes.

The three departments connected to the ArriveCan contracts – Canada Border Services Agency, Public Services and Procurement Canada and Shared Services Canada – responded by saying they accept Mr. Jeglic’s policy recommendations for improvements and listed planned changes. The CBSA said it is strengthening its processes and controls related to procurement planning, contract administration and corporate culture “to reduce the risk of fraud.”

The Ombudsman’s report is in response to a Nov. 14, 2022 request by the Commons committee on government operations, which is holding extensive hearings into issues related to ArriveCan and procurement. The committee agreed last year to expand its hearings to include allegations of contracting misconduct raised by Montreal software company Botler, which did not work on ArriveCan, but worked with the CBSA on a project that involved some of the same public servants and contractors, including GCStrategies.

Botler’s co-founders submitted a report to the CBSA leadership in November, 2022 that made several allegations of contracting misconduct, including that their work experience was inflated in résumés submitted to the federal government without their knowledge or consent.

After receiving that report, CBSA president Erin O’Gorman launched an internal investigation and referred Botler’s allegations to the RCMP.

In connection with that review, two senior officials who worked on ArriveCan at the CBSA, Cameron MacDonald and Antonio Utano, have been suspended without pay. The two men deny any wrongdoing and said they have not been presented with clear reasons for the suspensions.

Botler co-founders Ritika Dutt and Amir Morv said in an e-mail Monday that it is “very encouraging” to see the procurement watchdog validate their initial concerns.

“When Botler made the extremely difficult decision to come forward to The Globe and Mail on our findings regarding misconduct, we had one aim: to draw attention to issues with current procurement practices so that they can be acknowledged and rectified,” they said. “It is also promising that the CBSA has agreed with the report and is introducing action plans, in addition to steps taken over the past few months.”

Botler’s concerns primarily focused on their interactions with Kristian Firth, the managing partner of GCStrategies, who initially said he was reaching out to them on behalf of Mr. MacDonald, who was then a director-general at the CBSA.

GCStrategies has received $11-million related to ArriveCan and more than $59-million in federal contract work since 2017. The company has said neither of its two employees perform IT work themselves. Instead, they subcontract the work and keep a commission of between 15 and 30 per cent of the total contract value.

The Globe has previously reported that IT staffing firms submitted contracting reports to the federal government about Botler’s two co-founders that dramatically inflated their work experience and in one case included a detailed description of a company that doesn’t exist.

During a November, 2023 committee appearance, Mr. Firth acknowledged that he submitted inflated work experience records to the government related to Botler, but said it was a rare error.

“This regrettable mistake was not intentional and in no way determined the awarding of the contract,” he said, later adding that it would not have influenced pay rates. He described it as a mistake that was “made once” and “is not something I do frequently.”

However, Monday’s ombudsman’s report found widespread issues related to GCStrategies’ use of résumés and experience grids that were submitted to win government work.

“The assessment worksheets for resources added through TAs under a contract awarded to GCStrategies Inc. stood out from others,” the report states. “There were numerous examples where the supplier had simply copied and pasted requirements from mandatory and point rated criteria as project experience of the resource.”

Mr. Firth did not respond to a request for comment Monday.

In another finding, the report said the federal government awarded GCStrategies a $13.9-million contract without competition in April, 2020, the same month that ArriveCan was launched, with a requirement that the company hold a specific designation for security related to document protection.

“File documentation showed GCStrategies Inc. did not meet the Document Safeguarding Capability security requirement when it was awarded the contract. An e-mail on file dated April 6, 2020 from PSPC security indicated the GCStrategies’ Document Safeguarding Capability as ‘NIL,’” the report states.

Public Services and Procurement Canada told the ombudsman that the CBSA had advised it a year later that the document safeguarding requirement did not apply.

“This does not explain, however, why the contract was issued to a supplier that did not meet the security requirement in effect when the contract was awarded,” the report states.

Editor’s note: This article has been edited to correct the name of Public Services and Procurement Canada.

Follow related authors and topics

Authors and topics you follow will be added to your personal news feed in Following.

Interact with The Globe