Government-wide financial statements receive clean audit opinions. Yet the federal public service has systemic weaknesses in financial management and control. Could that be true?
You better believe it’s true.
Let’s take a look at some examples of mismanagement.
ArriveCAN
The Auditor General found CBSA, PHAC, and PSPC “repeatedly failed to follow good management practices” in contracting and oversight. Documentation, financial records, and controls were so poor the OAG could not determine the precise cost (OAG could only estimate ~$59.5M). Invoices often lacked detail; competition was restricted; and key deliverables/qualifications were missing—undermining value for money.
Government-wide IT general control deficiencies
In the OAG’s Financial Audits Commentary (2022–23), auditors reported deficiencies in access controls and other IT general controls for systems that process payments, receipts, and accounting—increasing fraud and wrongdoing risk.
Pay administration remains error-prone years after Phoenix
In 2022–23, 30% of sampled employees still had an error in basic or acting pay; 405,000 pay action requests were outstanding at 31 Mar 2023 (about 65,000 pending >3 years). This shows persistent control and processing weaknesses in a core financial function.
Departmental inventory & asset controls
National Defence, after two decades of concerns, the OAG still found errors in 17% of sampled items and delays in modernizing inventory controls (barcoding/scanning now projected to 2028–29), indicating sustained internal-control weaknesses affecting financial records.
Benefits and overpayments governance
The OAG remains concerned that the government may not investigate significant amounts of potentially ineligible COVID-19 payments; as of the commentary, $11.2 billion in overpayments or ineligible payments had been identified by government. Weaknesses in post-payment verification and recovery signal control gaps at program level.
Department-level ICFR/ICFM findings
CBSA (2024 internal audit): “Improvements are needed” in the ICFR management framework, methodologies, control assessments, and monitoring/reporting to better manage financial reporting risks.
Global Affairs Canada (2022 ICFM audit): Risk assessment and ongoing monitoring plan for internal control over financial management were rated “Needs Improvement” against TBS guidance.
Contextual balance
While the OAG issued an unmodified opinion on the 2022–23 consolidated financial statements—indicating the statements are fairly presented—its commentary simultaneously highlights material control weaknesses (IT controls, payroll, program stewardship) that elevate risk and fall below acceptable standards of control for many departments and programs.
