Management Letter for the Core Control Audit of the Financial Consumer Agency of Canada

May 2018
Office of the Comptroller General

Management Letter

This management letter is presented to the management of the Financial Consumer Agency of Canada. It provides the detailed findings and recommendations against all criteria tested and aligns recommendations with the criteria to which they relate.

Transactions were selected from the period of April 1 to December 31, 2016.

As a result of this audit, the Financial Consumer Agency of Canada is required to develop a management action plan to address the recommendations provided in this management letter.

I thank you in advance for your timely cooperation.

Mike Milito, MBA, CIA, CRMA
Assistant Comptroller General
Internal Audit Sector
Office of the Comptroller General

Detailed Findings and Recommendations

Legend of Compliance Thresholds^{Footnote 1}

Met – Greater than or equal to 98% compliance
Partially Met – Greater than or equal to 80% and less than 98% compliance
Not Met – Less than 80% compliance

Directive on Delegation of Financial Authorities for Disbursements
Criteria	Findings	Compliance
i) Delegation of Financial Authorities for Disbursements Delegation instruments are appropriate, current, approved in accordance with the directive.	The Delegation of Financial Signing Authorities Matrix was approved by the Commissioner on December 4, 2015, and was approved by the Minister of Finance. Although the Minister of Finance approval was not dated, FCAC received the approval on February 11, 2016 which is within the required 90-day period from the arrival of a new minister. In addition, the Financial Signing Authorities Matrix aligns with the Directive on Travel, Hospitality, Conference and Event Expenditures. It also aligns with Contracting Policy limits. Furthermore, controls over signature cards were reviewed based on the signature cards that were part of the sample. The following exceptions were noted: Signature specimen cards had been authenticated by the Deputy Chief Financial Officer (DCFO), had an effective date, and the authorities granted in the card aligned to the Delegation of Financial Authorities Matrix. However, none of the cards had an “approved” date, so it was unclear when the incumbent’s superior had formally designated that person; and There was no evidence of a formal, annual review of signature specimen cards.	Not Met
ii) Learning, Training and Development Employees receive appropriate training in accordance with requirements pertaining to financial management, contracting and human resources.	For 9 of 23 applicable files reviewed, employees had received appropriate delegations training. The following exceptions were noted: For two files reviewed, documentation was not provided to demonstrate when the individual had completed the appropriate training. For three files reviewed, the mandatory training or the re-validation training had expired and therefore re-validation was required; and For nine files reviewed, FCAC stated that the individuals had completed the in-house mandatory training prior to exercising their delegated authority. However, no supportive documentation was provided to demonstrate when the mandatory training was taken.	Not Met
Recommendations: 1. The FCAC should ensure that delegation business processes are improved and are consistently performed in compliance with the Treasury Board Directive on Delegation of Financial Authorities for Disbursements, and that sufficient documentation is retained on file to ensure that: All signature specimen cards include the date on which the appropriate authority had delegated financial authority to the incumbent; Delegated financial authorities are formally reviewed on an annual basis and updated, if deemed necessary; and All employees with delegated financial authorities receive mandatory training before they exercise their delegated authority.
Overall Compliance: Not Met

Policy on Financial Management Governance
Criteria	Findings	Compliance
i) The department has established a sound financial management governance structure that fosters prudent stewardship of public resources in the delivery of the mandate of the organization.	The department has established a sound financial management governance structure that fosters prudent stewardship of public resources in the delivery of its mandate. An organizational budget was established for fiscal year 2016-17; it aligns with the Business Plan and directly relates to the FCAC’s strategic outcome. The budget for fiscal year 2016-17 was approved through FCAC’s Business Plan. The Agency develops its three-year Business Plan, which identifies priorities, strategies and strategic actions. Based on the Business Plan, branches develop their strategic deliverables, supporting activities and budgets. The budget is broken down by departmental responsibility centre and further broken down by expense items. Variances between actual and budgeted amounts are analyzed by each responsibility centre, and the monthly variance analysis is reported to the CFO. At mid-year, a revised budget based on actual figures and anticipated needs to the end of the fiscal year is presented for approval to the Commissioner. The FCAC also uses a salary forecasting tool that breaks salaries down by responsibility centre and by full-time equivalents. Departmental risks are reviewed periodically in an informal manner, and formally every year as part of FCAC’s Enterprise Risk Management Framework and in view of its Corporate Planning exercise.	Met
Recommendation: None
Overall Compliance: Met

Directive on Acquisition Cards
Criteria	Findings	Compliance
i) Acquisition cards attribution is controlled and cardholders have acknowledged their responsibility in writing.	For the one cardholder transaction reviewed, there was no acquisition card request form on file and no documentation to evidence that the cardholder acknowledged the responsibilities and obligations prior to receiving the acquisition card from the coordinator.	Not Met
ii) Funds commitment availability is certified by an individual with the delegated authority, prior to the expenditure initiation at the value expected to be incurred (section 32 of the Financial Administration Act).	For 23 of 29 applicable transactions reviewed, funds commitment availability was certified by an individual with the delegated authority, prior to the expenditure initiation at the value expected to be incurred. The following exceptions were noted: For two transactions reviewed, there was no pre-approval documentation on file; For one transaction reviewed, the expense was approved by an individual whose delegated authority had expired; For one transaction reviewed, the approval was not dated, therefore it could not be determined if approval was provided prior to the purchase; and For two transactions reviewed, the expense was not approved prior to the event. Please see Recommendation 7	Not Met
iii) The performance of account verification is performed by an individual with the delegated authority, is accomplished on a timely basis and verifies the correctness of the payment requested (section 34 of the Financial Administration Act).	For 38 of 40 applicable transactions reviewed, account verification was performed by an individual with the delegated authority, was accomplished on a timely basis and verified the correctness of the payment requested. The following exceptions were noted: For one transaction reviewed, the expense certified was not properly supported by proof of execution and cost; and For one transaction reviewed, account verification was not conducted on a timely basis. Please see Recommendation 8	Partially Met
iv) The payment and settlement is carried out by an individual with the delegated authority, for the correct dollar amount and to the right vendor on a timely basis (section 33 of the Financial Administration Act).	This criterion was not assessed as it is performed by OSFI.	Not Applicable
v) Cards are to be used solely for authorized government business-related purchases of goods, services and pre-approved hospitality expenditures.	For 38 of 40 applicable transactions reviewed, cards were used solely for authorized government business-related purchases of goods, services and pre-approved hospitality expenditures. The following exception was noted: For two transactions reviewed, there was insufficient justification on file to demonstrate the business need for the purchases.	Partially Met
Recommendation: 2. The FCAC should ensure that sufficient documentation is retained on file for acquisition cards to substantiate their issuance, approval, modification, and acknowledgment of responsibilities by the cardholder, and to support that acquisition card purchases are government business-related expenses.
Overall Compliance: Partially Met

Contracting Policy
Criteria	Findings	Compliance
A total of 37 contracting files were reviewed. Out of these, 8 were non-competitive, 3 were competitive, 20 procurement files pertained to the use of Public Services and Procurement Canada standing offers, supply arrangement or were awarded by Shared Services Canada, and 6 files were without a contract paid by an acquisition card.
i) Procurement strategy: non-competitive (non-competitive method of supply include sole-source) There is documentation on file to support the justification for non-competitive procurement contracts in accordance with section 6 of Government Contracts Regulations.	For 1 of 8 applicable non-competitive contracting files reviewed, there was documentation on file to support the justification for non-competitive procurement in accordance with section 6 of the Government Contract Regulations. Some files had multiple compliance issues: For five files reviewed, there was no pre-defined statement of work on file; For three files reviewed, justification on file for sole sourcing was not appropriately documented or substantiated; and For three files reviewed, best-value analysis was either not documented on file or the analysis conducted was not considered sufficient.	Not Met
ii) Procurement strategy (methods of supply include contracts, standing offers and supply arrangements) Appropriate tendering processes for bids are used in the proper circumstances.	For 28 of 37 contracting files reviewed, appropriate tendering process for bids were used in proper circumstances. The following exception was noted: For nine files reviewed, the appropriate procurement vehicle was not used.	Not Met
iii) Procurement strategy: competitive (methods of supply include contracts, standing offers and supply arrangements) Bid evaluation criteria were provided on request for proposal (RFP) documents and were used for contractor selection in an open, fair and transparent manner.	For 2 of 3 applicable competitive contracting files reviewed, the bid evaluation criteria were provided on Request for Proposal (RFP) documents and were used for contractor selection in an open, fair and transparent manner. The following exception was noted: For one file reviewed, there was no evaluation report on file to justify the selection of the vendor.	Not Met
iv) Funds commitment availability is certified by an individual with the delegated authority, prior to the expenditure initiation at the value expected to be incurred (section 32 of the Financial Administration Act).	For 31 of 35 applicable contracting files reviewed, funds commitment availability was certified by an individual with the delegated authority, prior to the expenditure initiation and at the value expected to be incurred. The following exceptions were noted: For two files reviewed, no documentation regarding expenditure initiation approval or Section 32 certification was on file; therefore, it could not be determined whether the expense was approved by the appropriate authority; For one file reviewed, the expense was not approved prior to the contract award; and For one file reviewed, it could not be determined if the commitment was recorded at the value expected to be incurred. Please see Recommendation 7	Partially Met
v) Contract management Contracts and contract amendments were approved prior to the receipt of any goods or services or the expiration of the original contract and supporting documentation is retained on file.	For 23 of 31 applicable contracting files reviewed, the contract and amendments were approved prior to the receipt of any goods or services or the expiration of the original contract and supporting documentation was retained on file. Some files had multiple compliance issues: For one file reviewed, security requirements were not addressed to ensure compliance with the provisions of the Policy on Government Security; For one file reviewed, contracts were retroactively awarded for services that had already been provided without a contract; For one file reviewed, a contract amendment was not on file; For five files reviewed, contract amendments were not properly justified and substantiated; and For one file reviewed, the contract amendment was raised before the contract was awarded.	Not Met
vi) The performance of account verification is performed by an individual with the delegated authority, is accomplished on a timely basis and verifies the correctness of the payment requested (section 34 of the Financial Administration Act).	For 29 of 36 applicable contracting files reviewed, account verification was performed by an individual with the delegated authority, supported by proof of execution and accomplished on a timely basis. Some files had multiple compliance issues: For three files reviewed, the expense certified was not properly supported by proof of execution and/or cost; and For five files reviewed, account verification was not administered on a timely basis since it was performed more than 30 days after the vendors’ invoice was received. Please see Recommendation 8 Please note the audit found that two transactions were approved by an individual who had performed incompatible duties. For contracting and contract amendments, two instances were noted where the contracting delegated authority had completed account verification, which resulted in a lack of segregation of duties based on the Directive on Delegation of Financial Authorities for Disbursements. FCAC stated that due to the organization size and the limitation of roles and responsibilities, the Agency has a standby responsibility for the Administrative Services Manager in the event of emergencies to ensure continuous operations. FCAC has also been monitoring this segregation of duties conflict on an annual basis and preparing annual declarations. There was no impact on compliance; however, a recommendation was included to address the conflict of duties.	Not Met
vii) The payment and settlement is carried out by an individual with the delegated authority, for the correct dollar amount and to the right vendor on a timely basis (Section 33 of the Financial Administration Act).	This criterion was not assessed as it is performed by OSFI.	Not Applicable
viii) Proactive disclosure Contracts valued at over $10,000 are publicly disclosed.	For 17 of 19 applicable contracting files reviewed, the contracts (including amendments) valued at over $10,000 were publicly disclosed. The following exceptions were noted: For one file reviewed, the contract information disclosed does not correspond with the amendment information on file; and For one file reviewed, the contract was proactively disclosed; however, amount disclosed was not accurate.	Partially Met
ix) Payable at year-end (PAYE) A PAYE was properly set up, and the transactions were identified as such.	PAYEs were not assessed because the audit covered the period from April 1 to December 31, 2016.	Not Applicable
Recommendation: 3. The FCAC should ensure that business processes are improved and are consistently performed in compliance with the Treasury Board Contracting Policy, and that sufficient documentation is retained on file to ensure that: Statements of work are developed and explicitly defined prior to the contract award; Non-competitive contract files contain justification for sole-source contracting in accordance with Section 6 of the Government Contracts Regulations; Best-value analysis is performed prior to contract award; Appropriate procurement methods are chosen and used in compliance with their terms and conditions; Bid-evaluation reports are developed and signed by a minimum of two clearly identified evaluators; Segregation of duties is appropriate (i.e. approval of contracts and amendments (Section 41) and performance of account verification (Section 34)); Contract amendments are properly justified and substantiated; and Contracts, and applicable contract amendments, valued at over $10,000 are publicly disclosed, in the right amount, on the departmental website.
Overall Compliance: Not Met

National Joint Council Travel Directive
Criteria	Findings	Compliance
i) Government business travel expenses are managed to achieve fair, reasonable and modern travel practices.	For 20 of 29 transactions reviewed, government business travel expenses were managed to achieve fair, reasonable and modern travel practices. The following exceptions were noted: For one transaction reviewed, ineligible meal allowance was reimbursed (one dinner); For two transactions reviewed, the accommodations selected were not from the pre-approved government suppliers list and exceeded the approved city rate limit, with no sufficient justification documented on file; For four transactions reviewed, kilometric rates for the use of privately-owned vehicles and parking should not have been reimbursed for the commute to work, and there was no justification documented on file; and For two transactions reviewed, the flight arrangements did not respect the appropriate limits.	Not Met
ii) Funds commitment availability is certified by an individual with the delegated authority, prior to the expenditure initiation at the value expected to be incurred (section 32 of the Financial Administration Act).	For all 29 applicable transactions reviewed, funds commitment availability was certified by an individual with the delegated authority, prior to the expenditure initiation at the value expected to be incurred.	Met
iii) The performance of account verification is performed by an individual with the delegated authority, is accomplished on a timely basis and verifies the correctness of the payment requested (section 34 of the Financial Administration Act).	For all 30 transactions reviewed, account verification was performed by an individual with the delegated authority, was accomplished on a timely basis and verified the correctness of the payment requested.	Met
iv) The payment and settlement is carried out by an individual with the delegated authority, for the correct dollar amount and to the right vendor on a timely basis (section 33 of the Financial Administration Act).	This criterion was not assessed as it is performed by OSFI.	Not Applicable
v) All travel expenses for designated senior-level Government of Canada employees are proactively disclosed.	For all ten applicable transactions reviewed, the travel expenses for the designated senior-level employees were properly recorded and proactively disclosed.	Met
vi) Total annual expenditures for travel for the department are disclosed on its website, including a brief description of the main variances from the previous year’s actual expenditures.	Total annual travel expenditures for the department were disclosed on its website, including a brief description of the main variances from the previous year’s actual expenditures.	Met
vii) Travellers cheques and advances are used in valid circumstances.	None of the selected transactions included travel advances or travellers cheques.	Not Applicable
Recommendation: 4. The FCAC should ensure that travel business processes are improved and are consistently performed in compliance with the National Joint Council Travel Directive, and that sufficient documentation is retained on file to ensure that: Employees are reimbursed for meals, mileage and flight expenses within the limits prescribed by the Travel Directive or justification is retained on file; and Accommodations are selected from the Government Accommodation Directory and within the city rate limit, and sufficient justification is kept on file when the hotel is not included in the Directory or when the identified limit is exceeded.
Overall Compliance: Partially Met

Directive on Travel, Hospitality, Conference and Event Expenditures
Criteria	Findings	Compliance
i) Hospitality events are planned and conducted in an economical and appropriate way to facilitate government business, consistent with event circumstances.	For 2 of 9 applicable transactions reviewed, hospitality events were planned and conducted in an economical and appropriate way to facilitate government business, consistent with the event circumstances. The following exceptions were noted: For two transactions reviewed, hospitality was provided to federal employees with insufficient documentation on file to justify that hospitality was required; and For five transactions reviewed, there was no documentation on file to demonstrate that the most economical and efficient alternatives were considered (i.e., no best-value analysis was on file).	Not Met
ii) Funds commitment availability is certified by an individual with the delegated authority, prior to the expenditure initiation at the value expected to be incurred (section 32 of the Financial Administration Act).	For 4 of 9 applicable transactions reviewed, funds commitment availability was certified by an individual with the delegated authority, prior to the expenditure initiation at the value expected to be incurred. Some transactions had multiple compliance issues: For three transactions, the expense was not approved by the appropriate authority; the expense was approved by the Commissioner who was also a participant at the hospitality event, when it should have been approved by the CFO; and For four transactions reviewed, it could not be determined whether the expense was approved prior to the event as the approval was not dated. Please see Recommendation 7	Not Met
iii) The performance of account verification is performed by an individual with the delegated authority, is accomplished on a timely basis and verifies the correctness of the payment requested (section 34 of the Financial Administration Act).	For 4 of 9 applicable transactions reviewed, account verification was performed by an individual with the delegated authority, was accomplished on a timely basis and verified the correctness of the payment requested. The following exceptions were noted: For four transactions reviewed, account verification was performed by the beneficiaries of the expenditures; and For one transaction, section 34 signature was not conducted in a timely manner. Please see Recommendation 8	Not Met
iv) The payment and settlement is carried out by an individual with the delegated authority, for the correct dollar amount and to the right vendor on a timely basis (section 33 of the Financial Administration Act).	This criterion was not assessed as it is performed by OSFI.	Not Applicable
v) Hospitality expenses for designated senior-level employees are properly recorded and proactively disclosed.	For 3 of 6 applicable transactions reviewed, the hospitality expenses for designated senior-level employees were properly recorded and proactively disclosed. The following exception was noted: For three transactions reviewed, hospitality expenditures were not proactively disclosed on the department’s website.	Not Met
vi) Total annual expenditures for hospitality for the department are disclosed on its website, including a brief description of the main variances from the previous year’s actual expenditures.	Total annual hospitality expenditures for the department were disclosed on its website, including a brief description of the main variances from the previous year’s actual expenditures.	Met
Recommendation: 5. The FCAC should ensure that hospitality business processes are improved and are consistently performed in compliance with the Directive on Travel, Hospitality, Conference and Event Expenditures, and that sufficient documentation is retained on file to ensure that: Planning documentation reasonably justifies the operational need for the hospitality expenditures, especially in situations where hospitality is extended to a gathering of public servants only; The most efficient and economical alternatives for hospitality expenditures have been considered; and Hospitality expenses for designated senior-level employees are proactively disclosed on the departmental website.
Overall Compliance: Not Met

Directive on Financial Management of Pay Administration
Criteria	Findings	Compliance
Casual Employees
i) Casual (non-EX) Key terms and conditions requirements for casual employees are administered correctly.	For all three casual employee files reviewed, key terms and conditions requirements for casual employees were administered correctly.	Met
ii) Employee security screening is managed properly and subject to proper delegated authority.	For all three casual employee files reviewed, employee security screening was managed properly and subject to proper delegated authority.	Met
Performance Pay
iii) EX group and excluded employees Performance pay is administered correctly and approved by the appropriate delegated authority.	Not applicable; the FCAC is a separate employer and not subject to the relevant Treasury Board Directives.	Not Applicable
All Pay Administration Files
iv) Funds commitment availability is certified by an individual with the delegated authority, prior to the expenditure initiation at the value expected to be incurred (section 32 of the Financial Administration Act).	For 15 of 18 applicable transactions reviewed, funds commitment availability was certified by an individual with the delegated authority, prior to the expenditure initiation. Commitments were recorded at the value expected to be incurred at the beginning of the fiscal year. The following exceptions were noted: For two transactions, section 32 approval for overtime pay was either not signed or not documented on file; therefore it could not be determined whether the expense was approved by an appropriate authority and approved prior to the overtime; and For one acting transaction reviewed, approval occurred after the start date. Please see Recommendation 7	Partially Met
v) The performance of account verification is performed by an individual with the delegated authority, is accomplished on a timely basis and verifies the correctness of the payment requested (section 34 of the Financial Administration Act).	For 17 of 19 applicable transactions reviewed, account verification was completed by an individual with the delegated authority, was accomplished on a timely basis and verified the correctness of the payment requested. The following exception was noted: For two transactions reviewed, account verification was not conducted in a timely manner. Please see Recommendation 8	Partially Met
vi) The payment and settlement is carried out by an individual with the delegated authority, for the correct dollar amount and to the right vendor on a timely basis (section 33 of the Financial Administration Act).	For all 24 applicable transactions reviewed, payment and settlement was carried out for the correct dollar amount and to the right vendor. Note that sub-criteria relating to an individual with the delegated authority and timeliness were not assessed, as Section 33 responsibilities are completed by Canadian Human Rights Commission (CHRC).	Met
vii) Adequate segregation of duties, such as ensuring the custody and distribution of cheques and direct deposit payment statements, exists in pay administration roles.	Adequate segregation of duties exists in pay administration roles.	Met
viii) Departure procedures for the department are followed.	For the two applicable transactions reviewed, the departure procedures for the department were not followed as there was no evidence on file of departure forms signed by all concerned parties prior to leaving the organization.	Not Met
Recommendation: 6. The FCAC should ensure that departure forms are completed by all applicable authorities and kept on file.
Overall Compliance: Partially Met

Directive on Receivables Management
Criteria	Findings	Compliance
i) Departmental mechanisms exist to ensure the appropriate use of accounts receivable.	Departmental mechanisms exist to ensure the appropriate use of accounts receivable. Results-based measurement mechanisms were established and monitored. Periodic reports on the financial and non-financial activities of the portfolio, including receivable ageing reports, were prepared and distributed to management. Appropriate division of duties exists in relation to collections, write-offs, the maintenance of accounting records, and the handling and reconciling of money.	Met
ii) The department enters into an agreement with each debtor which defines the type(s) of goods and services that can be provided on credit, seeks security for debts due and informs the debtor of their obligations under applicable acts and regulations.	Debtors were informed of their obligations under the applicable acts and regulations. Documented procedures provide details on how initial accounts receivable transactions and subsequent cash payments/final settlements for all types of revenue are to be recorded in the financial system. Procedures detailing the calculation and notification of interest on overdue accounts for all types of revenue are documented. Procedures for the collection of administrative monetary penalties are also documented.	Met
iii) Receivable transactions are recorded accurately and are accompanied by complete audit trails.	For 46 of 47 transactions reviewed, the account receivable was recorded accurately and was accompanied by a complete audit trail. The following exception was noted: or one transaction reviewed, the account receivable did not have a complete audit trail.	Met
Recommendation: None
Overall Compliance: Met

Directive on Expenditure Initiation and Commitment Control
Criteria	Findings	Compliance
i) Funds commitment availability is certified by an individual with the delegated authority, prior to the expenditure initiation at the value expected to be incurred.	For 102 of 120 transactions reviewed, funds commitment availability was certified by an individual with the delegated authority, prior to the expenditure initiation at the value expected to be incurred. The results of these findings are rolled up from expenditure initiation findings found under the following: Directive on Acquisition Cards (criterion ii) Contracting Policy (criterion iv) National Joint Council Travel Directive (criterion ii) Directive on Travel, Hospitality, Conference and Event Expenditures (criterion ii) Directive on Financial Management of Pay Administration (criterion iv)	Partially Met
Recommendation: 7. The FCAC should ensure that expenditure initiation (pre-approval and commitment) is properly documented and performed by an individual who has the appropriate delegated authority before expenses are incurred, specifically in relation to acquisition card purchases, hospitality expenditures, contracting and pay administration actions.
Overall Compliance: Partially Met

Directive on Account Verification
Criteria	Findings	Compliance
i) The performance of account verification is performed by an individual with the delegated authority, is accomplished on a timely basis and verifies the correctness of the payment requested.	For 118 of 134 transactions reviewed, the performance of account verification was performed by an individual with the delegated authority, was accomplished on a timely basis and verified the correctness of the payment requested. The results of these findings are rolled up from account verification findings found under the following: Directive on Acquisition Cards (criterion iii) Contracting Policy (criterion vi) National Joint Council Travel Directive (criterion iii) Directive on Travel, Hospitality, Conference and Event Expenditures (criterion iii) Directive on Financial Management of Pay Administration (criterion v)	Partially Met
ii) The payment and settlement is carried out by an individual with the delegated authority, for the correct dollar amount and to the right vendor on a timely basis.	For all 24 transactions reviewed, payment and settlement was carried out by an individual with the delegated authority, for the correct dollar amount and to the right vendor on a timely basis. The results of these findings are rolled up from payment and settlement findings found under the following: Directive on Financial Management of Pay Administration (criterion vi)	Met
Recommendation: 8. The FCAC should ensure that account verification is performed by the appropriate delegated authority on a timely basis, and is supported by complete documentation (proof of execution and cost), specifically in relation to acquisition card purchases, hospitality expenditures, contracting and pay administration actions.
Overall Compliance: Partially Met

Appendix 1: Policies and Directives Tested

Areas Tested

Directive on Delegation of Financial Authorities for Disbursements (tested)

Policy on Financial Management Governance (tested)

Directive on Loans and Loan Guarantees

Directive on Losses of Money or Property

Directive on Payment Requisitioning and Cheque Control

Directive on Departmental Bank Accounts

Directive on Expenditure Initiation and Commitment Control^{Footnote 2} (tested)

Directive on Receivables Management (tested)

Directive on Specified Purposes Accounts

Directive on Account Verification^{Footnote 3} (tested)

Directive on Fleet Management: Light-Duty Vehicles

Directive on Acquisition Cards (tested)

Directive on Accountable Advances

Directive on Year-End Recording of Payables

Contracting Policy (tested)

National Joint Council Travel Directive (tested)

Directive on Travel, Hospitality, Conference and Event Expenditures (tested)

Performance Pay Administration^{Footnote 4}

Directive on Leave and Special Working Arrangements

Directive on Financial Management of Pay Administration (tested)

Policy on Transfer Payments

Directive on Transfer Payments

Term Employment Policy (Casual Employees)

Directive on Terms and Conditions of Employment (Casual Employees)

Appendix 2: Risk Ranking of Recommendations

The following table presents the recommendations and their assigned priority ranking. Rankings were determined based on the relative importance of the recommendations and their potential to motivate long-term change and reduce risk in Financial Consumer Agency of Canada.

Recommendations	Priority
1. The FCAC should ensure that delegation business processes are improved and are consistently performed in compliance with the Treasury Board Directive on Delegation of Financial Authorities for Disbursements, and that sufficient documentation is retained on file to ensure that: All signature specimen cards include the date on which the appropriate authority had delegated financial authority to the incumbent; Delegated financial authorities are formally reviewed on an annual basis and updated, if deemed necessary; and All employees with delegated financial authorities receive mandatory training before they exercise their delegated authority.	High
2. The FCAC should ensure that sufficient documentation is retained on file for acquisition cards to substantiate their issuance, approval, modification, and acknowledgment of responsibilities by the cardholder, and to support that acquisition card purchases are government business-related expenses.	Medium
3. The FCAC should ensure that business processes are improved and are consistently performed in compliance with the Treasury Board Contracting Policy and that sufficient documentation is retained on file to ensure that: Statements of work are developed and explicitly defined prior to the contract award; Non-competitive contract files contain justification for sole-source contracting in accordance with Section 6 of the Government Contracts Regulations; Best-value analysis is performed prior to contract award; Appropriate procurement methods are chosen and used in compliance with their terms and conditions; Bid-evaluation reports are developed and signed by a minimum of two clearly identified evaluators; Segregation of duties is appropriate (i.e. approval of contracts and amendments (Section 41) and performance of account verification (Section 34)); Contract amendments are properly justified and substantiated; and Contracts, and applicable contract amendments, valued at over $10,000 are publicly disclosed, in the right amount, on the departmental website.	High
4. The FCAC should ensure that travel business processes are improved and are consistently performed in compliance with the National Joint Council Travel Directive, and that sufficient documentation is retained on file to ensure that: Employees are reimbursed for meals, mileage and flight expenses within the limits prescribed by the Travel Directive or justification is retained on file; and Accommodations are selected from the Government Accommodation Directory and within the city rate limit, and sufficient justification is kept on file when the hotel is not included in the Directory or when the identified limit is exceeded.	Medium
5. The FCAC should ensure that hospitality business processes are improved and are consistently performed in compliance with the Directive on Travel, Hospitality, Conference and Event Expenditures, and that sufficient documentation is retained on file to ensure that: Planning documentation reasonably justifies the operational need for the hospitality expenditures, especially in situations where hospitality is extended to a gathering of public servants only; The most efficient and economical alternatives for hospitality expenditures have been considered; and Hospitality expenses for designated senior-level employees are proactively disclosed on the departmental website.	High
6. The FCAC should ensure that departure forms are completed by all applicable authorities and kept on file.	Low
7. The FCAC should ensure that expenditure initiation (pre-approval and commitment) is properly documented and performed by an individual who has the appropriate delegated authority before expenses are incurred, specifically in relation to acquisition card purchases, hospitality expenditures, contracting and pay administration actions.	Medium
8. The FCAC should ensure that account verification is performed by the appropriate delegated authority on a timely basis, and is supported by complete documentation (proof of execution and cost), specifically in relation to acquisition card purchases, hospitality expenditures, contracting and pay administration actions.	Medium

Appendix 3: Links to Applicable Legislation, Policies and Directives

Applicable Legislation, Policies, and Directives – Website Reference (links current as of January 12, 2016)

Footnote 1

Compliance thresholds for the transactions tested.

Return to footnote1 referrer

Footnote 2

Includes the Financial Administration Act, section 32.

Return to footnote2 referrer

Footnote 3

Includes the Financial Administration Act, section 34.

Return to footnote3 referrer

Footnote 4

Includes the Policy on the Management of Executives, the Directive on Terms and Conditions of Employment for
Certain Excluded/Unrepresented Employees and the Directive on Executive Compensation.

Return to footnote4 referrer

Page details

Date modified:: 2021-06-09

Language selection

Search

Management Letter for the Core Control Audit of the Financial Consumer Agency of Canada