ARCHIVED - Audit of Enforcement and Investigation Services (EIS)

This page has been archived

Information identified as archived is provided for reference, research or record-keeping purposes. It is not subject to the Government of Canada Web Standards and has not been altered or updated since it was archived. Please contact us to request a format other than those available.

Table of Contents

1.0 Executive Summary

1.1 Introduction

The Canadian Food Inspection Agency's (CFIA's) current Enforcement and Compliance Policy (1999) establishes policies and procedures for monitoring compliance and conducting investigations when incidents of non-compliance are identified during the course of inspections. The Policy established the creation of a centralized enforcement division: Enforcement and Investigations Services (EIS). As noted in the approved policy (1999), the creation of a centralized enforcement division allows CFIA to deal with enforcement and compliance in an effective, consistent and fair manner. Incidents of non-compliance are referred by inspection staff to EIS where trained investigators oversee the gathering and documenting of evidence in support of monetary penalties or prosecution.

In 2005 CFIA decentralized EIS governance. Area EIS Managers now report to Area Executive Directors with the Director of EIS at National Headquarters assuming the roles of policy and training development and as the link between EIS field activities and the Vice-President of Operations Branch.

This audit was undertaken in response to a request from the President, CFIA. The objective of this audit is to provide assurance that EIS files, activities and supporting functions are undertaken consistently and in compliance with the Enforcement and Compliance Policy (1999). The audit's scope includes current EIS operational practices and a sample of the 3,188 EIS files initiated between April 2006 and August 2009 across CFIA's four Areas.

The Enforcement and Compliance Policy (1999) as well as the procedures and methods expected for an investigations function formed the basis for the audit issues and criteria:

  • File completeness and consistent application of management protocols including delegated authorities;
  • Completeness and consistent delivery of training for EIS investigators;
  • Roles and responsibilities not limited to EIS personnel but also supporting functions including Legal Services; and
  • The appropriateness and consistent application of governance arrangements.

We examined a random sample of 149 files across CFIA's four Areas. File review was supported by interviews with: CFIA Executives, EIS Managers and Investigators, as well as operations staff in supporting functions including Human Resources and Legal Services.

1.2 Findings and Recommendations

Governance

Finding 1.0: An updated Policy and a strategic direction for EIS has not been formalized and implemented.

Finding 2.0: The current governance structure does not support the consistent delivery and monitoring of enforcement and investigative services across the Agency.

Recommendation:

The Vice-President of Operations should ensure that a current Compliance and Enforcement Policy and supporting strategic direction for EIS are completed and approved. Included should be a governance structure that clearly prescribes authorities, roles and responsibilities and reporting mechanisms that support the fair and consistent application of enforcement and investigation activities across the Agency.

Controls

Finding 3.0: With minor exceptions, EIS case files across the four Areas comply with the Enforcement and Compliance Policy. The absence of manuals and standard operating procedures results in the inconsistent application of enforcement actions across the Agency.

Recommendation:

The Vice-President of Operations should develop standard operating procedures that govern the application of enforcement measures including enforcement escalation.

Risk Management

Finding 4.0: Triage of new EIS files by EIS Managers is undertaken in a risk-based, yet informal manner. No formal process is articulated for considering the nature and risk of incoming files and establishing the priorities for their disposition.

Finding 5.0: Case-load distribution among EIS investigators across the four Areas varies considerably.

Recommendation:

The Vice-President of Operations should formalize, implement and monitor a risk-based process to ensure that higher risk EIS files are given priority and that case-loads are manageable and support fair and consistent enforcement and investigation activities across the Agency.

1.3 Statement of Assurance

In my professional judgment as Chief Audit Executive, sufficient and appropriate audit procedures have been conducted and evidence gathered to support the accuracy of the opinion provided and contained in this report. The opinion is based on a comparison of the conditions, as they existed at the time, against pre-established audit criteria. The opinion is applicable only to the entities examined and within the scope described herein.

1.4 Audit Opinion

In my opinion, the Enforcement and Investigation Services function has notable weaknesses that represent multiple areas of risk exposure related to governance, risk management and control processes that require management attention.

Peter Everson
Chief Audit Executive, Canadian Food Inspection Agency

The audit opinion is based on overall materiality and risk as represented by the noteworthy findings and recommendations reported.

2.0 About the Audit

2.1 Background

With the Canadian Food Inspection Agency Act, and the creation of the Canadian Food Inspection Agency (CFIA) in April 1997, the Government of Canada consolidated its federal inspection and related services for food, agricultural inputs and animal and plant health. Among the goals of CFIA is a uniform and consistent approach to safety and quality standards as well as for enforcement and compliance activities.

CFIA's current Enforcement and Compliance Policy (1999) establishes policies and procedures for monitoring compliance and conducting investigations when incidents of non-compliance are identified during the course of inspections. The Policy established the creation of a centralized enforcement division: Enforcement and Investigations Services (EIS). As noted in the approved policy (1999), the creation of a centralized enforcement division allows CFIA to deal with enforcement and compliance in an effective, consistent and fair manner. Incidents of non-compliance are referred by inspection staff to EIS where trained investigators oversee the gathering and documenting of evidence in support of monetary penalties or prosecution.

The centralized governance structure for EIS as prescribed in the Enforcement and Compliance Policy (1999) is lead by a Director of EIS who reports to the Vice-President of Operations Branch and has a functional relationship with CFIA's Legal Counsel. Field-level EIS responsibilities are assigned to EIS Area Managers in CFIA's four Areas: Atlantic, Western, Ontario and Quebec, all reporting directly to the Director of EIS at National Headquarters. A fifth unit, also reporting to the Director and based at National Headquarters, is responsible for policy development and coordination activities.

In 2005 CFIA decentralized EIS governance. Area EIS Managers now report to Area Executive Directors with the Director of EIS at National Headquarters assuming the roles of policy and training development and as the link between EIS field activities and the Vice-President of Operations Branch.

2.2 Objective

This audit was undertaken in response to a request from the President, CFIA. The original objective of this audit was to provide assurance on the consistency of EIS files and compliance with the Enforcement and Compliance Policy (1999), across CFIA's four Areas. The audit planning process resulted in the objective being expanded to include an examination of additional EIS supporting functions such as training and governance.

2.3 Scope

The audit's scope includes current EIS operational practices and a sample of the 3,188 EIS files initiated between April 2006 and August 2009 across CFIA's four Areas.

2.4 Methodology

The Enforcement and Compliance Policy (1999) is the active policy governing the function. The 1999 Policy, together with the procedures and methods expected for an investigations function, formed the basis for the audit issues and criteria:

  • File completeness and consistent application of management protocols including delegated authorities;
  • Completeness and consistent delivery of training for EIS investigators;
  • Roles and responsibilities not limited to EIS personnel - also supporting functions including Legal Services;
  • The appropriateness and consistent application of governance arrangements.

We examined a random sample of 149 files across CFIA's four Areas. File review was supported by interviews with CFIA Executives, EIS Managers and Investigators, as well as operations staff in supporting functions including Human Resources and Legal Services.

3.0 Findings and Recommendations

3.1 Introduction

This section presents detailed findings from the audit of Enforcement and Investigation Services at CFIA. Findings are based on the evidence and analysis from both our initial risk analysis and the detailed audit conduct.

In addition to the findings presented below, observations of conditions that were outside of the working scope of the audit or are non-systemic or of lower materiality and risk have been communicated to management for their consideration.

3.2 Governance

Finding 1.0: Out of Date Policy and no Strategic Direction

An updated Policy and a strategic direction for EIS has not been formalized and implemented.

We would expect that a clear strategic objective and approach for the EIS function that supports an overall enforcement strategy, has been developed and consistently applied. Without strategic guidance, the function does not have clear or consistent objectives, priorities and outcomes.

CFIA's Enforcement and Compliance Policy (1999) is the approved policy governing the function. The objective of the 1999 Policy is to enhance the effectiveness and efficiency of CFIA's enforcement and compliance activities through the establishment of a consistent and uniform approach. CFIA has a number of enforcement actions including product detention, license revocation, warnings, prosecutions and administrative monetary penalties (AMPs) that can be applied to the range of activities that CFIA regulates. How these enforcement actions are applied can be dependent on what the applicable legislation allows under a program, the nature of the non compliance and the risk that it poses, and the frequency for which a regulated party has been previously cited for non-compliance.

In May 2008 an EIS Strategic Priorities document was created which included a vision/mission for EIS as well as strategic priorities in human resources, governance and management, program delivery and, strategic alliances within the law enforcement community. The EIS Strategic Priorities document identifies a number of strategies to improve consistency of EIS activities across the Areas, including development of a national training program, oversight and monitoring of EIS activities and development of program/operational policies. The document has yet to be formally approved, implemented or monitored; an updated Compliance and Enforcement Policy also remains in draft form and has not been approved.

Enforcement priorities are the responsibility of each Area. EIS files and the types of violations and enforcement actions taken in each Area indicate an inconsistent strategy or approach. In the Quebec Area for example, a much higher percentage of the files sampled (90%) were for Health of Animals violations in comparison to other Areas. The reason for this inconsistency is the Quebec Area's use of AMPs as their preferred enforcement tool which by Policy is applied only in limited circumstances including humane transport violations.

Finding 2.0: A Governance Structure Inconsistent with Program Delivery

The current governance structure does not support the consistent delivery and monitoring of enforcement and investigative services across the Agency.

A clear governance structure helps to ensure clear oversight, decision-making, reporting, and consistency in roles and responsibilities. We expected to find that the current EIS governance structure is reflected in policy and supports consistent, fair delivery of the program.

The 1999 Policy dictated a centralized structure with Area EIS Managers reporting to the Director of EIS based at National Headquarters (NHQ) who reports to the Vice-President of Operations. In 2005 the decision was taken by Operations Branch to adopt a decentralized structure with Area EIS Managers reporting to the Area Executive Director. The rationale was that Area Executive Directors should have authority over all inspection and enforcement activities undertaken in their respective Area.

As a result of the change to decentralized governance, the Director EIS at NHQ is now in a position of no direct authority over Area EIS activities. Instead, the Director EIS NHQ is focused on coordination, including tasks such as policy and training development and providing information updates to the Vice-President of Operations.

The EIS Management Team (EISMT) holds regular meetings and is comprised of the 4 Area EIS Managers, as well as 3 individuals from EISHQ - the Director of EIS, the Manager of Enforcement Training and Evaluation, and the Manager of Enforcement Operations. EIS draft strategies, policies, and issues are presented to the Operations Executive Committee. Quarterly reporting to the Operations Executive Committee was suspended in May 2009 due to limited resources. Regular reporting of emerging issues and status updates on key files among the EIS Area units and EIS NHQ contributes to achieving consistency and to ensuring that CFIA Senior Management is up to date on EIS activities. Currently, each Area Executive Director has regular briefings as required with their respective EIS Area manager. Monthly reporting to EIS NHQ and up to the Vice-President of Operations was initiated in March 2009 and discontinued later in 2009.

The current structure is consistent across the Areas with the exception of the role of Legal Services. The 1999 Policy identifies Regional Directors (reporting to Area Executive Directors) as having the authority to recommend prosecutions and based on that recommendation, information supporting the non compliance is provided to Area Executive Directors and Legal Services. The role of Legal Services is to take the lead role in prosecution action, act as the key contact for Crown Counsel and approval/sign-off. Currently, the role of Legal Services varies from very limited, as is the case in the Western and Ontario Areas where they do not have formal sign-off on AMP or prosecution files, to Atlantic where Legal Services is co-located with EIS and collaboration between the two functions is common practice.

Recommendation:

The Vice-President of Operations should ensure that a current Compliance and Enforcement Policy and supporting strategic direction for EIS are completed and approved. Included should be a governance structure that clearly prescribes authorities, roles and responsibilities and reporting mechanisms that supports the fair and consistent application of enforcement and investigation activities across the Agency.

3.3 Control

Finding 3.0: Files in Compliance, Inconsistent Enforcement

With minor exceptions, EIS case files across the four Areas comply with the Enforcement and Compliance Policy. The absence of manuals and standard operating procedures results in the inconsistent application of enforcement actions across the Agency.

We selected 149 files at random and assessed them for completeness as per the Enforcement and Compliance Policy. We found that 81% of case files contained the required Incident of Non-Compliance Report (INCR) - the inspector's summary that includes a description of the violation, the acts contravened and the approval by the delegated authority. For files without an INCR, almost all dealt with violations brought by a third party (e.g.: CBSA or a foreign country).

The Enforcement and Compliance Policy requires that Area Executive Directors and Legal Services approve all prosecution files and that Regional Directors issue and approve AMPs. Of the 149 case files audited, 93% included the required approvals, with the exception of Legal Services approval. Legal Services is not included in the approval process in the Western and Ontario Areas, and the exclusion of Legal Services has no impact on file completeness, accuracy or ability to undertake prosecution action. In both the Quebec and Atlantic Areas, Legal Services provides a value-added component to the approval process.

EIS files can be characterized as well organized and complete; particularly the prosecution and AMPs files that require full briefs of evidence and supporting information on the non-compliance. EIS case files are prepared by professional investigative, law enforcement or inspection personnel where documenting of evidence and recording of information in a clear and thorough manner is essential. A formal quality assurance function will assist the organization in ensuring continued file consistency and compliance.

We would expect that specific operational policies, processes and procedures exist that govern EIS decision-making and ensure consistent and fair application of enforcement actions in cases of non-compliance.

The 1999 Policy identifies three considerations when considering enforcement action, including: the nature of the offence and the harm it poses; the effectiveness in achieving compliance including the offender's history, willingness to cooperate; and consistency in enforcement and the consideration of similar situations and enforcement action taken. Also included are guidelines on when the different enforcement tools may be used including: written warnings, monetary penalties and prosecution.

There are no separate manuals or standard operating procedures providing guidance on such things as case file triage, documentation requirements or enforcement escalation procedures. The 1999 Policy provides the documented guidance on enforcement action when non-compliance is identified.

The 1999 Policy requires prosecution in all cases when the violation is a repeated or continuing offence. Though at the discretion and judgment of EIS personnel, we expected to find consistency across the Areas as to when prosecution action is taken - particularly for repeat offense. This was not the case, as we found instances where a regulated party had been assessed a monetary penalty on repeated occasions for the same violation with no prosecution and no stated reason for non-prosecution.

EIS Strategic Priorities, drafted in May 2008 (not approved or implemented to date) identifies the development of enforcement and investigation-specific policies, processes and procedures as a means to achieving quality and consistency in program delivery. Without prescribed processes and procedures, there is a risk that enforcement action will be inconsistently applied across Areas and in a manner that does not support the Agency's program objectives.

Recommendation:

The Vice-President of Operations should develop standard operating procedures that govern the application of enforcement measures including enforcement escalation.

3.4 Risk Management

Finding 4.0: An Informal Risk-Based Approach to Handling New EIS Files

Triage of new EIS files by EIS Managers is undertaken in a risk-based, yet informal manner. No formal process is articulated for considering the nature and risk of incoming files and establishing the priorities for their disposition.

With the broad scope of CFIA inspection activities (ranging from food safety violations that pose a risk to human health, to lower risk violations such as humane transport of animals destined for slaughter) we expected to find that EIS triages incoming files in a consistently applied, risk-based manner.

When incidents of non-compliance are identified by inspectors, an incident of non-compliance report is generated. If an investigation is recommended by the Inspection Manager, the file is transferred to EIS for further enforcement action. During the fiscal year 2008-2009, EIS received 1042 total files (Atlantic, 150; Quebec, 316; Ontario, 306; and West, 270).

In all four Areas, EIS managers and investigators acknowledged that the nature of the non-compliance including previous violations by the regulated party, intent, and the risk posed, was an important consideration when making the determination on when and how to initiate enforcement action. There is no formal process articulated for considering the nature and risk of incoming files and establishing the priorities for their disposition (triage).

The Agriculture and Agri-Food Administrative Monetary Penalties Act requires that AMP proceedings must be undertaken within six months in the case of minor violations and two years in the case of serious violations. We found that the triage process in at least one Area treats minor AMP violations as a priority since they have a shorter deadline. As a result, there is a risk that lower risk files can assume priority at the expense of more serious violations.

A risk-based triage process for incoming EIS files, prescribed in policy or procedures and consistently applied, helps to ensure that higher risk incidents of non-compliance are given priority; this is particularly the case in a decentralized structure.

Finding 5.0: Uneven Case-Load Distribution

Case-load distribution among EIS investigators across the four Areas varies considerably.

We would expect to find that the case-load distribution among EIS investigators is reasonably consistent across the four Areas and that the workload for investigators is manageable with priority given to files posing the highest risk to food safety, animal and plant health.

The way that EIS files are assigned to investigators, and consequently individual caseloads, varies across the Areas. Due to their size, the Western and Ontario Areas assign EIS investigators to specific geographic regions. Case-load distribution among the investigators is a product of how many EIS files are generated within their assigned region. By comparison, in Quebec and the Atlantic Areas, all investigators work out of the Area office and incoming files are assigned according to investigator capacity. As a result, case-loads in both Areas were characterized as manageable with some Quebec investigators spending up to 50 per cent of their time providing training to inspection staff.

In one Area, the EIS Manager developed a business case for additional resources since the case-load for the responsible investigator was characterized as unmanageable and consideration was being given to dropping cases. With new resources, there has been a significant increase in the number of incidents of non-compliance.

An inconsistent case-load could result in some investigators being overwhelmed and files being unaddressed.

Recommendation:

The Vice-President of Operations should formalize, implement and monitor a risk-based process to ensure that higher risk EIS files are given priority and that case-loads are manageable and support fair and consistent enforcement and investigation activities across the Agency.

Appendix A: Detailed Audit Criteria

Governance

1. We would expect to find the existing governance structure supports the organization's mandate and operational requirements:

  • EIS has clearly defined and communicated strategic directions and strategic objectives, aligned with its mandate.
  • The current governance structure supports the requesting and receiving of information.

Control

2. We would expect to find that files are compiled and tracked consistently and in compliance with the CFIA Enforcement and Compliance Policy (Policy):

  • Files are compiled consistently and in compliance with the Policy.
  • Approvals occur at determined decision-making intervals.

3. We would expect to find that training occurs consistently across all Areas:

  • Oversight exists to ensure training occurs across all Areas.
  • Consistent training materials are used across all Areas.

4. We would expect to find that time and costs for AMPS files are tracked:

  • Costs, time and case file results are tracked.
  • Case file results are reported up on a regular basis to the appropriate oversight body.

Risk Management

5. We would expect to find that investigation caseloads are distributed comparably across each Area:

  • Risk information/Triage is used when distributing investigation caseloads in each Area.

6. We would expect to find the existing governance structure supports the organization's mandate and operational requirements:

  • Management identifies risks that may preclude the achievement of EIS objectives.
Date modified: