This Web page has been archived on the Web.

2006 November Report of the Auditor General of Canada

November 2006 Report—Chapter 4

Exhibit 4.4—The "not in the public interest" exception to contract competition was misapplied

Intelligence database

In the two Royal Canadian Mounted Police files we examined where staff used the reason that it was "not in the public interest" to solicit bids, we found that there was insufficient reason provided to warrant its use. In one case, an intelligence database was being expanded and needed to be maintained. The RCMP has used the same firm for 15 years to create and maintain this database. When we reviewed the file, we found no statement of work—only a proposal from the supplier and a claim that the supplier would have access to a secure data centre. This data centre—and the contractors working in it—were under direct RCMP supervision.

The RCMP recommended to Public Works that the contract be let without competition to preserve the continuity of personnel and to restrict knowledge of the system to "the small circle of individuals who would ensure the best interests of the RCMP and the Canadian public at large." Public Works accepted the RCMP rationale and used it to justify letting the contract to the incumbent firm.

However, continuity of personnel is not a valid reason for sole-sourcing a contract under Government Contracts Regulations. Moreover, while the need for security-cleared contracts is apparent, the claimed need for severe restrictions in the number of individuals with knowledge of the existence of the database is at variance with the security provisions in place. There were no codeword clearance or "need to know" restrictions in place, and contract personnel with only the lowest level of security clearance were allowed to work on the project.

At the time of our audit, Public Works told us the contractor selected was the only qualified supplier capable of performing the contract. This is at variance with their rationale stated when the contract was let and was not further supported by them.

It is not clear to us why a restricted call to secured vendors could not be used in this case. The value of the contract, including options, was $800,000.

Panic buttons

In another case, the RCMP wanted to buy panic buttons for diplomats, senior federal officials, and other protected persons. The RCMP claimed that this purchase had to be compatible with existing equipment, and only the current vendor could supply the right equipment. The RCMP said the requirement was urgent because the stock was running out and an election was pending. It also claimed that it was necessary to limit knowledge of the specifications of the system for security reasons.

Public Works accepted these claims and let the contract to the incumbent supplier without competition.

We do not understand how compatibility with existing systems could create compatibility problems since the components were to be built to an RCMP-designed specification. We further do not understand—nor could the RCMP explain—how a pending election affected the urgency of their requirement.

Finally, we do not understand why secrecy around this requirement was so extreme that other, security-cleared contractors could not have been asked for bids. Although the hardware and circuitry were revealed to the contractor, the actual communication codes were kept secret by the RCMP. In addition the security requirements checklist for the contract—certified by the RCMP—stated that: there were no communications or information security requirements, only the lowest level of information assets ("Protected A") would be accessed, that contractors required only the lowest level of security screening, and that unscreened persons could be used for portions of the requirement.