Archived - Follow-up Audit of the Control and Disposal of Goods Seized under the Customs Act

April 2014

Archived Content

Information identified as archived is provided for reference, research or recordkeeping purposes. It is not subject to the Government of Canada Web Standards and has not been altered or updated since it was archived. Please contact us to request a format other than those available.

The {*} asterisk denotes sections that have been removed because they contain sensitive information.

1.0 Introduction

The Canada Border Services Agency (the Agency) processes goods for import, collects duties and taxes and enforces Canadian laws and regulations. Goods not in compliance with laws, acts or regulations may be seized or detained.

Seizures are executed for serious infractions and/or on undeclared goods under section 110 of the Customs Act. Detained goods are kept under section 101 of the Customs Act for less serious infractions or for declared goods.

Seizures executed under the Customs Act are recorded in the Integrated Customs Enforcement System (ICES). Commodities commonly subject to seizure are drugs, firearms, prohibited weapons/devices, child pornography, alcohol, tobacco, currency, vehicles and undeclared dutiable goods such as jewelry, clothing, footwear and electronic equipment. Reports extracted from ICES, as of May 2013, for the 2012‒2013 fiscal year show 25,204 seizures with a total value of $338 million.

Undeclared dutiable goods seized from travellers are dealt with by the application of monetary penalties called "terms of release" whereby the importer can keep the goods by paying a penalty. If the importer does not pay the penalty immediately, the Agency takes custody of the goods, which are released when/if the penalty is paid. More serious seizures, such as drugs, child pornography or prohibited firearms/weapons, offer no terms of release and the seized items are taken into the custody of the Agency.

Seized and detained goods must be protected from loss or damage. The Agency must respect Canadian laws concerning the handling, storage and disposal of goods. The Agency is responsible for maintaining secure, controlled storage facilities that safeguard seized goods. These facilities are called bond rooms, evidence rooms and Queen's warehouses. A bond room is a single office storage facility located in a particular Agency office. Evidence rooms contain evidence related to criminal investigations. A Queen's warehouse is a large multi-office collection facility for the extended storage and disposal of seized, detained and unclaimed goods. Seized goods are rarely suitable for sale.

Sensitive seized goods such as drugs, child pornography, firearms and prohibited weapons/devices are evidence, which may potentially support criminal charges. For prosecution reasons, the chain of custody must be controlled and documented. To maintain the integrity of the chain of custody, goods should be segregated. As well, seized drugs, firearms and other sensitive goods should be segregated and stored in limited-access security containers, such as safes or individual lockers, located within bond rooms and Queen's warehouses.

An Audit of the Control and Disposal of Goods Seized under the Customs Act conducted by the Agency's Internal Audit and Program Evaluation Directorate was published in 2009. The primary objective of the audit was to assess the adequacy and effectiveness of the framework for managing the control and disposal of goods seized under the Customs Act.

The audit resulted in nine recommendations to improve the control framework including monitoring processes, risk assessment, security, management of court evidence, inventory control, storage requirements, management of disposal and Queen's warehouses. In response, the Agency developed a management action plan, which included improvements to policies, systems and practices, to address the recommendations.

The Follow-up Audit of the Control and Disposal of Goods Seized under the Customs Act was approved as part of the Risk-Based Audit Plan 2012‒2013 to 2014‒2015.

2.0 Significance of the Audit

Seizures of goods under the Customs Act are conducted to protect the safety and security of Canadians by preventing the import of illegal or dangerous goods, and to impose monetary penalties on undeclared dutiable goods. The Agency is obliged to control and dispose of seized goods in compliance with law. Weaknesses in the control and disposal of goods could impact the health and safety of Agency employees, compromise chain of custody of evidence and court cases, or harm the reputation of the Agency.

The previous audit, conducted in 2009, found weaknesses in the control and disposal of goods seized under the Customs Act. The objective of this follow-up audit was to determine if the conditions that led to the recommendations made in the previous audit had been adequately addressed.

3.0 Statement of Conformance

The audit conforms to the Internal Auditing Standards for the Government of Canada, as supported by the results of the quality assurance and improvement program. The audit approach and methodology followed the International Standards for the Professional Practice of Internal Auditing as defined by the Institute of Internal Auditors and the Internal Auditing Standards for the Government of Canada, as required by the Treasury Board's Policy on Internal Audit.

4.0 Audit Opinion

The Agency has controls in place for seized goods, with opportunities for improvement.

Improvements were observed since the 2009 audit in manual inventory control processes and in the disposal of drugs, firearms and child pornography. However, there was minimal improvement related to the management control framework, including monitoring and oversight, access controls, security and the management of Queen's warehouses.

This results in a medium-high risk exposure to the Agency.

5.0 Key Findings

The Agency has controls in place for seized goods, with opportunities for improvement. The Programs Branch is the office of primary interest for the control and disposal of seized goods. Following the 2009 audit, the Operations and Comptrollership branches developed and published internal policies and procedures.

However, an office of primary interest has not been identified in Headquarters to provide management oversight and monitoring of Queen's warehouses. The Agency currently does not have assurance that seized goods sent to Queen's warehouses are appropriately disposed of.

Five Criminal Investigations Divisions were also observed during this follow-up audit. Control deficiencies initially identified in 2009 were observed with minimal progress to date against management action plans. This could impact court cases if chain of custody or continuity of evidence were questioned.

The audit noted that one third of interior storage facilities and all vehicle storage areas were below physical security standards with elevated risks pertaining to {*}. Most offices had the facilities they needed but lacked effective procedural controls to maximize security within existing infrastructure. Internal control of access was often unlimited, including operations with several hundred employees. Furthermore, access control monitoring was not continuous for most storage facilities.

The transfer and disposal of drugs, firearms and child pornography were generally compliant with disposal requirements, which is an improved situation over the previous audit. However, since 2010, precursor chemicals have been stockpiled, which presents health and safety risks for Agency employees.

Some improvements were noted in manual inventory control processes over seized goods. Most offices had a paper or Excel inventory control log, and 58% of inventory logs sampled were adequately maintained. This is improved over the previous audit where 6% of inventory logs sampled were adequate.

A number of issues related to management oversight and information systems were noted. For example, system controls such as the superintendent review lists were not always kept up-to-date. The Audit Control Review lists used to track and cancel seized goods recorded were not reviewed and closed as required. Additionally, all three postal operations had backlogs in recording and reporting seized good in ICES.

Formal risk mitigation strategies for the management of seized goods were not documented. As a result, controls to mitigate risks were either not developed or not operating as intended and risk remains elevated.

A summary table is provided in Appendix B, which outlines the Agency's progress in addressing the recommendations from the previous audit.

6.0 Summary of Recommendations

This audit makes the following seven recommendations:

  • Strengthen management oversight;
  • Dispose of precursor chemicals;
  • Maximize security;
  • Update procedures on chain of custody and continuity of evidence;
  • Improve inventory controls;
  • Provide needed equipment and monitor compliance with Agency storage policies; and
  • Design a proper control framework for Queen's warehousing.

7.0 Management Response

The Agency agrees with the recommendations of this audit. Immediate steps have already been taken to ensure that many of the risks identified in the audit have been addressed.

Specifically, the CBSA completed in February 2014, a review of all storage facilities including bond rooms, Queen's warehouses and investigations evidence rooms where seized goods are stored. Areas of concern were identified and where feasible, mitigating measures were immediately implemented. 

Based on the 2009 Audit, recommendations and policies were developed; further policy reviews have been undertaken to ensure that direction provided regarding the seizure, detention and destruction of goods is up to date. Control and disposal policies have been strengthened to focus on maintaining clear and precise audit trails and to ensure monitoring regimes are in place. The revised policies will be available on the Agency's intranet. Operational bulletins are being drafted and will be issued to the Regions to clarify expectations and ensure that their actions follow established protocols.

Consultations with Health Canada on the disposal of the stockpile of precursor chemicals have been held and amendments to their Regulations to authorize CBSA to dispose of precursors in the future are being considered. In the meantime, an interim authority was secured from Health Canada on March 7, which has allowed the CBSA to progress with the disposal of the current stockpiles. Procurement of required storage containers and access control systems has already begun.

The Operations Branch has completed the review of all outstanding seizure reports by superintendents and has issued new Performance Management Agreement accountability statements for superintendents, chiefs, directors and regional directors general. Improved management oversight procedures are being drafted and will be implemented immediately. A Steering Committee led by the Associate Vice-President of Operations will be established in order to ensure progress on the Management Action Plan is reviewed and tracked on a monthly basis. This will be further supported by conducting bi-annual Port Program Assessments for a period of two years, which will have a specific emphasis on the audit recommendations and then once annually.

8.0 Audit Findings

8.1 Control Framework

Audit Criteria:  Management has a well-designed national and regional control framework.

An effective control framework for the management and disposal of seized goods should include clearly defined control activities, including policies and procedures to support the management and disposal of seized goods. Oversight and monitoring are key to appropriate safeguarding and stewardship of seized goods.

Accountability, Policies and Procedures

The 2009 audit found that there was no office of primary interest to provide overall direction, coordination, accountability and monitoring of the control and disposal of seized goods, and recommended that one be created. The Operations Branch was tasked with implementing the recommendations from the 2009 audit. Since 2009, the primary responsibility for the seized goods program was transferred to the Programs Branch.

While the Programs Branch is the office of primary interest for seized goods, it was not evident who was responsible for the oversight of the Queen's warehouses. Identifying the oversight roles and responsibilities for Queen's warehouses in the Agency would facilitate the resolution of deficiencies, discussed below in Section 8.3.

The 2009 audit found that policies and procedures for the seizure process were available; however, policies and procedures on control, storage and disposal were incomplete and the audit recommended these be completed. In response, internal policies and procedures for the control and disposal of goods seized under the Customs Act were written, published in the Comptrollership Manual and made available on the Agency's intranet. The Agency's public Memorandum D19-9-2, Regulations of Narcotics and Controlled and Restricted Drugs, found to be out of date in 2009,has not been updated even though a management action plan was developed in 2009 to specifically address this deficiency.

In addition, the following gaps, discussed in Sections 8.2 and 8.3, were identified:

  • inadequate chain of custody and continuity of evidence;
  • weak access controls to storage facilities; and
  • inadequate controls in Queen's warehouses.

Risk Assessment

Effective risk management supports strategic priority setting, resource allocation, informed decision making and improved resultsFootnote 1. Processes should be in place to identify, assess, mitigate and monitor risks related to seized goods. This follow-up audit found that a formal risk assessment had not been completed. Furthermore, controls to mitigate risks were not developed at some sites (i.e. Queen's warehouses) or did not operate as intended at others (i.e. inventory control). These deficiencies identified in 2009 have not been actioned and remain risk areas.

Monitoring

A risk-based monitoring process, assessment of results and corrective measures help ensure that seized goods are appropriately managed. In 2009, the audit noted monitoring procedures, outlined in the Process Monitoring Framework, had not been implemented consistently across the Agency. In 2012, the Process Monitoring Framework was replaced with the Port Program Assessment. The first cycle covered seized goods, bond rooms, evidence rooms and Queen's warehouses. The Port Program Assessment found weaknesses in the areas of seizure review, storage, access control and inventory control which are consistent with the findings identified in this follow-up audit.

The Port Program Assessment is designed to monitor different program areas in each cycle. The most recent cycleFootnote 2. did not cover seized goods, bond rooms, evidence rooms and Queen's warehouses. Without regular monitoring at the local, regional and national levels, the Agency does not have adequate assurance on whether controls are working as intended in safeguarding, storing, and disposing of seized goods.

Integrated Customs Enforcement System Controls

Seizures, along with the details of all seized goods, are electronically recorded by border services officers in the ICES. The 2009 audit found that the controls related to management oversight of ICES were not operating as intended. The audit recommended that seizure review lists be kept up-to-date, replacement seizure numbers be recorded in ICES and a review work list for cancelled seizures be designed and implemented.

Seizure review by superintendents

Seizures recorded in the ICES should be reviewed within five working daysFootnote 3. The audit examined seizure review lists to determine whether the items on the lists were reviewed in a timely manner. Of the 36 seizure review lists tested during the follow-up audit, comprising 1,055 seizures, seizures older than 30 days had no evidence of being reviewed by superintendents in 61% of the cases (648 seizures), and no evidence of superintendent review was observed in 11% of the cases (115) that were older than a year. These results indicate that supervisory review has not improved significantly since 2009. When seizure review lists are not kept up-to-date, management cannot detect and correct deficiencies in a timely manner. Continued effort is required to strengthen management oversight and compliance with established controls.

Cancellation of seizures

Seizures can be cancelled due to data errors or because the seizure was not warranted. It is important to monitor the cancellation of seizures to ensure integrity. Seizure cancellation should be done by superintendents and the replacement seizure number should be included in the comments field of the cancelled seizure. A national report on cancelled seizures was analyzed. Two issues were noted:

  • Lack of segregation between seizure creation and cancellation, which presents oversight and control risks (135 out of 1,114 [12%]) of cancelled seizures reviewed had been created and cancelled by the same border services officer.
  • Replacement seizure numbers did not consistently reference the cancelled seizure in ICES, which makes tracing and monitoring of cancelled seizures more difficult.

An Audit Control Review list, to enable management monitoring of cancelled and modified seizures, was built into ICES as recommended in the 2009 audit. A bulletin, which provided direction on how to review cancelled and modified seizures, was published on the Agency's intranet in November 2010. However, regional managers interviewed were not aware of the existence of the Audit Control Review work list and consequently, were not monitoring cancelled and modified seizures.

Goods seized at postal operations

Postal operations conduct thousands of drug, weapon and other contraband seizures each year. In all three postal operations (Montréal, Toronto and Vancouver), there was a backlog of packages which had been examined and set aside for seizure, but the seizure was not yet recorded in ICES. These packages were kept for months, in some cases over a year, prior to the border services officer recording the seizure in ICES. Interviews indicated that management focused on the processing of postal packages and border services officers were not allocated the time needed to record their seizures in ICES in a timely manner. These observations were not previously reported in 2009.

Precursor chemicals

Precursor chemicals are controlled under the Controlled Drugs and Substances Act, Schedule VI, because they may be used to manufacture illegal street drugs. Police agencies will not take custody of these chemicals unless there is a criminal investigation. Since 2010, precursor chemicals have been accumulating with over 1,900 seizures in storage as of December 2013 {*}. The Programs Branch at Headquarters has been working towards a solution for disposing of the current inventory and a long-term solution permitting their regular destruction. The stockpiles of precursor chemicals also present health and safety risks and may be vulnerable to theft. These observations were not previously reported in 2009.

In summary, the 2009 audit recommended the need to strengthen the control framework for seized goods. This follow-up audit found that minimal improvement had been made. Without sustained management oversight, assessment of risks and controls, and monitoring, seized goods may not be sufficiently safeguarded.

Recommendation 1:

The Vice-President of the Programs Branch, in collaboration with the Vice-Presidents of the Operations and Comptrollership branches, should strengthen management oversight of the control and disposal of seized goods with a focus on risk assessment, monitoring and system controls.

Management Response Completion date
  • The Programs, Comptrollership and Operations Branches agree with this recommendation.
  • The Programs Branch in cooperation with the Comptrollership Branch will update all policies relating to the control and disposal of seized goods and direct the Regions on application of the new policies.
  • The Programs Branch, supported by Operations Branch, will review the relevant functionality and system controls currently in place and strengthen internal controls including monitoring and risk assessment.
December 2014

Recommendation 2:

The Vice-President of the Programs Branch, in collaboration with the Vice-President of the Operations Branch, should take immediate steps to dispose of the stockpiled precursor chemicals and develop a solution permitting their regular disposals.

Management Response Completion date
  • The Programs and Operations Branches agree with this recommendation.
  • Steps for the immediate disposition of the stockpile of precursor chemicals by the Regions are currently underway. The final phase is seeking an interim Ministerial exemption under the Controlled Drugs and Substances Act, which will be sought by Programs Branch for the immediate authority to dispose of the stockpile of precursor chemicals.
  • Working with Health Canada, the Agency will pursue long term measures that will provide the CBSA with the authority to dispose of precursors seized by or forfeited to the Crown on an ongoing basis. On March 7, the CBSA was granted an interim authorization to dispose of current and future precursor chemical seizures.
December 2014

8.2 Safeguard of Assets

Audit Criteria:

  • Storage facilities are physically secure.
  • Access to storage facilities is controlled.
  • An inventory control system is in place.

Physical security and Access control

Physical security

Seized and detained goods kept in the custody of the Agency must be protected from loss or damage. A high-level of control is necessary as seized goods may be valuable, and could be required as evidence for prosecution.

According to the Agency's policy, storage facilities for seized goods should be managed as high-security zonesFootnote 4. A high-security zone requires: a secure perimeter; placement within a security zone; 24/7 continuous monitoring; and recording of access.

The 2009 audit found that 58% of the facilities visited were below the Agency's physical security standards. For 63 storage facilities examined in this follow-up audit, 27 out of 63 (43%) were below the physical security standards: 20 out of 56 interiorFootnote 5 storage facilities and the seven vehicleFootnote 6 storage areas did not meet standards. While there has been an improvement for the interior storage facilities since the previous audit, no change has been noted for the exterior vehicle storage sites.

This follow-up audit found that 11 out of 63 (17%) storage facilities were managed as high-security zones, compared to 3% in 2009. As identified in the 2009 audit, it may not be cost effective for all facilities to meet the Agency's physical security standards. For lower volume offices, a secure cabinet located within a high-security zone, or a movement of seized goods to a properly controlled storage facility on the same day may be adequate. However, the decision to operate a facility below the security standard should be based on a documented threat and risk assessment, which the 2009 audit recommended be conducted. Such an assessment has not been completed; rather, security assessments were performed to identify required security improvements. Without assessing storage facilities relative to risk, strategic investments focused on higher risk facilities cannot be made.

Access control

Motion detection alarms provide "continuous monitoring" when properly used. When Agency offices are 24/7 operations, employees can provide continuous monitoring by their presence in proximity to the storage facility. However, Agency offices that are not 24/7 operations (silent hours when closed) require a motion detection alarm installed inside the storage facility in order to achieve "continuous monitoring" and to meet the requirements for management as a high security zone. The installation of cameras inside storage facilities is a good practice for post-incident investigation; however, cameras do not provide continuous monitoring as cameras are not continuously watched.

The 2009 audit found that access control monitoring for unauthorized intrusion was not continuous in 71% of storage facilities visited. This follow-up audit found that access control monitoring for unauthorized intrusion was not continuous for 62% of storage facilities visited, 33 (of 56) interior storage facilities, and for six (of seven) vehicle storage areas. Unauthorized intrusion and loss of seized goods are a risk when facilities are not continuously monitored or when access is not adequately controlled.

Of the 45 interior facilities rated by the audit as below high security zone, security could be augmented and the security zone improved at over 30 facilities by installing and using motion detection alarms and/or implementing control of access logs.

The Agency's Comptrollership Manual identifies controls to restrict access to "employees authorized to access the area for the performance of their duties"Footnote 7. However, this led to an interpretation that all Agency employees working with seized goods may be granted access to storage facilities, including locations where several hundred employees worked.

In summary, most Agency offices had the physical storage facilities needed; however, security could be strengthened by implementing restricted/supervised access controls and 24/7 continuous monitoring and managing storage facilities as high-security zones. The weaknesses identified in the 2009 audit related to physical security and access controls persist.

Control of court evidence

Goods seized under the Customs Act may be transferred to the Agency's Criminal Investigations Divisions for further investigation and court proceedings. These goods are referred to as court evidence. The 2009 audit found uncontrolled internal access and a lack of segregation of court evidence from non-evidentiary items, such as office supplies. The audit recommended that security and management of court evidence be improved.

Following the 2009 audit, Headquarters Criminal Investigations issued a bulletin with instructions for the control and safeguarding of evidenceFootnote 8. The bulletin included guidance on:

  • Use and access control;
  • Access to documents and goods;
  • Inventory control; and
  • Semi-annual reviews.

However, there was no follow-up conducted by Headquarters, of whether instructions were being followed by the regional Criminal Investigations Divisions. {*}

Inventory control

The 2009 audit found that inventory control was inadequate; only 6% of the offices visited maintained an up-to-date inventory control log. The audit recommended the design and implementation of an electronic inventory control system and, in the interim, the improvement of manual inventory control procedures.

Following the 2009 audit, the Corporate Administration System was considered as a possible solution for the inventory control system. A decision was made by management not proceed due to resource constraints. As a result, inventory control remains a manual process, using paper-based or Excel inventory control logs.

Audit testing in this follow-up audit revealed that 58% of inventory control logs (30 out of 52) were adequately maintained. For those offices with deficient inventory control, the log was either not in place or up-to-date.

Deficient inventory control renders the conduct of reconciliations ineffective and increases the risk that loss of goods will not be detected and corrected. Inventory controls remain weak with current manual processes. Implementation of an electronic inventory control ledger could assist in physical custody and tracking of seized goods until disposal.

Recommendation 3:

The Vice-President of Comptrollership Branch should:

  • Conduct a risk assessment on each storage facility; and
  • Determine and document which storage facilities can deviate from the prescribed standards based on the results of the risk assessment.
Management Response Completion date
  • The Comptrollership Branch agrees with this recommendation.
  • Comptrollership Branch will apply the RCMP – CSEC Harmonized Threat and Risk Assessment methodology to each facility in order to establish a prioritized list of facilities where the bond room, Queen's Warehouse or evidence room show indicators that they require attention.
March 31, 2015

Recommendation 4:

The Vice-President of the Programs Branch, in collaboration with the Vice-Presidents of the Operations and Comptrollership branches, should update existing procedures for the Criminal Investigations Divisions outlining the controls required to further strengthen chain of custody and continuity of evidence.

Management Response Completion date
  • The Programs Branch agrees with this recommendation.
  • Programs Branch should ensure that investigators are made aware of current policy and procedures that prescribe controls necessary to maintain continuity of evidence and establish a chain of custody whenever evidence is seized.
March 31, 2015

Recommendation 5:

The Vice-President of the Programs Branch, in collaboration with the Operations Branch, should strengthen inventory controls.

Management Response Completion date
  • The Programs and Operations Branches agree with this recommendation.
  • The Programs Branch, in cooperation with the Comptrollership and Operations Branches will review the inventory controls currently in place and implement new procedures where necessary.  

September 30, 2014

8.3 Compliance with Authorities

Audit Criteria:

  • Seized goods are stored and packaged in compliance with authorities.
  • Seized goods are disposed of in compliance with authorities.

Storage and Packaging

According to the Agency's Comptrollership Manual, storage facilities are to be dedicated solely for the storage of seized and detained goods. Drugs and firearms should be further secured in limited-access security containers, such as safes or lockers. For open shelf storage, firearms must be rendered inoperable by using a trigger lock, cable lock, or removal and separate storage of the boltFootnote 9.

The 2009 audit identified compliance issues with the storage of drugs and firearms, the mixed use of storage facilities, and a need for freezers for perishables. The audit recommended proper storage equipment be provided and that managers be made aware of storage requirements.

This follow-up audit found that storage requirements were written into the policies issued by the Comptrollership Branch. However, of the 39 locations visited for the follow-up audit, compliance issues were identified as follows:

  • nine stored drugs on open shelvesFootnote 10;
  • five stored firearms openlyFootnote 11 (without being trigger/cable locked or the bolt removed);
  • nineteen did not have a freezer for perishables; and
  • fifteen used the bond room for storage of non-seized or detained goods.

Disposal

The 2009 audit identified that the disposal of seized goods was not fully compliant with authorities. The audit recommended improvements in the control, monitoring and management of disposals.

In this follow-up audit, seizures were sampled and traced to disposition: drugs (80 of 10,069); firearms, parts and prohibited devices (33 of 407); and child pornography (20 of 102).

The transfer and disposal of seized goods was generally compliant:

  • Drugs were transferred to the RCMP or police where required, or were still in inventory;
  • Child pornography was referred and/or transferred to the Criminal Investigations Division or police as required; and
  • Firearms and prohibited devices were transferred to RCMP or police where required, released on payment/export, destroyed or were still in inventory.

All seized items in the sample were traced and accounted for. This is an important area of improvement since the 2009 audit.

Management of Queen's warehouses

Seized goods not required to be transferred to the police, a Criminal Investigations Division or another government department, are sent to Agency-operated Queen's warehouses for disposal. This includes goods such as jewelry, alcohol, cigarettes, tobacco and prohibited weapons and devices.

The 2009 audit identified weakness in the management of Queen's warehouses. The audit recommended that proper management controls be implemented, such as segregation and rotation of duties.

For the follow-up audit, four {*} Queen's warehouses {*} were visited. The follow-up audit found that management controls have not been properly designed and oversight of Queen's warehouses was still lacking.

The following gaps, noted in the previous audit, remain:

  • An office of primary interest in Headquarters has not been identified to provide overall direction and coordination. This observation relates to the management control framework.
  • At three Queen's warehouses {*}:
    • goods received were not counted by the warehouse clerk(s) prior to being inventoried, to ensure that all goods sent to the warehouse were received;
    • lack of segregation of duties between managing and disposing of seized goods; and
    • limited management oversight and monitoring.
  • At two Queen's warehouses {*}, the accuracy and completeness of the inventory control log could not be assessed against physical goods because seizures ready for destruction had been intermingled, the goods palletized and inventory control numbers had been removed from individual items.
  • At four Queen's warehouses:
    • rotation of duties was not implemented; and
    • reconciliation between disposal and the original seizure action was not performed to ensure all goods seized and scheduled for disposal were appropriately disposed of.

The Agency does not have assurance that goods sent to Queen's warehouses are appropriately disposed of. The lack of an appropriately designed control framework for Queen's warehouses increases the risk of seized goods being misappropriated. Given the current lack of controls, this may not be detected.

Recommendation 6:

The Vice-President of the Operations Branch should:

  • Implement measures to ensure storage facilities are managed in accordance with established security standards and that proper monitoring procedures are implemented; and
  • Ensure storage facilities are provided with the necessary equipment to ensure compliance with security standards.
Management Response Completion date
  • The Operations Branch agrees with this recommendation.
  • A review of current bond rooms, Queen's Warehouses and evidence rooms was completed in February to identify gaps, and measures will be implemented to ensure storage facilities comply with security standards and a monitoring process is implemented. All shortcomings and gaps that can be immediately corrected, including the purchase of storage containers, will be addressed by June 2014.
May 31, 2015

Recommendation 7:

The Vice-President of the Programs Branch, in collaboration with the Vice-Presidents of the Operations and Comptrollership branches, should designate an office of primary interest for Queen's warehouses, and design and implement an appropriate control framework.

Management Response Completion date
  • The Programs, Operations and Comptrollership Branches agree with this recommendation.
  • Programs Branch will name an office of primary interest for Queen's Warehouses.
  • Programs Branch, in consultation with Comptrollership Branch, will develop a control framework that will be comprised of physical security standards (recommendation 3), policy and procedures, as well as monitoring mechanism.
June 30, 2014

Appendix A – About the Audit

Audit Objective and Scope

The audit objective was to determine if the conditions that led to the recommendations made in the previous audit were adequately addressed.

The audit scope covered Agency storage facilities, practices and procedural controls for seized goods, including: physical security, access control, inventory control, facility capacity, storage and disposal. Previous recommendations and the implementation and effectiveness of the management action plans, developed by the Agency following the previous Audit of the Control and Disposal of Goods Seized under the Customs Act, were examined.

The scope of the seizure file review covered seizures conducted under the Customs Act from April 1, 2012 to March 31, 2013 and included all regions.

Seizures conducted under the Criminal Code, Immigration and Refugee Protection Act and regulations, and the Proceeds of Crime (Money Laundering) and Terrorist Financing Act were excluded from seizure review.

Agency offices and storage facilities were visited in five regions: Quebec, Northern Ontario, Greater Toronto Area, Southern Ontario and Pacific. Fieldwork included ports of entry, postal plants, Queen's warehouses and Criminal Investigations Divisions. A total of 63 facilities were visited.

Risk Assessment

The risk assessment conducted during the planning phase identified the following key risk area:

Implementation and effectiveness of the management action plan – there is a risk that the management action plan was not fully implemented or was not effective as a catalyst for change. This could result in the Agency being exposed to previously identified weaknesses such as inadequate oversight, non-compliance with authorities, loss of goods or inefficient processes.

Approach

The audit was conducted in accordance with the Internal Auditing Standards for the Government of Canada. The examination phase of this audit was performed using the following approach:

  • Reviewed legislation, policies, procedures, guidelines, reports, performance information, and other relevant documentation. Obtained supporting documentation on the implementation of management action plan items.
  • Analyzed the actions implemented following the Audit of the Control and Disposal of Goods Seized under the Customs Act. Assessed whether management action plans were implemented within the regions and branches, and whether the action items addressed the intent of the recommendation.
  • Sampled seizure files for the period of April 1, 2012 to March 31, 2013 to assess if disposal practices were in compliance with authorities. Seizure files were selected from the following targeted commodities: drugs; firearms: prohibited weapons/devices; and child pornography.
  • Visited selected regions to review seizure controls, observe/inspect facilities and review the management of storage facilities, with the objective of testing regional controls through compliance measurement of physical security, access control, inventory control, facility capacity, monitoring, storage, packaging and disposal practices.

Audit Criteria

Given the preliminary findings from the planning phase, the following criteria were chosen:

Lines of Enquiry Audit Criteria
Control Framework
  • 1.1  Management has a well-designed national and regional control framework.
Safeguard of Assets
  • 2.1  Storage facilities are physically secure.
  • 2.2  Access to storage facilities is controlled.
  • 2.3 An inventory control system is in place.
Compliance with Authorities
  • 3.1 Seized goods are stored and packaged in compliance with authorities.
  • 3.2 Seized goods are disposed of in compliance with authorities.

Appendix B – Progress Table

Audit Criteria Previous Findings (2009) Current Findings Progress
Lines of Enquiry: Control Framework
Management has a well-designed national and regional control framework. The control framework for the management of seized goods was not complete and not effective in ensuring seized goods were secure, accounted for and disposed of in compliance with authorities. Minimal improvement was made to the management control framework, including oversight, monitoring and risk assessment. Issues requiring Headquarters attention have not been resolved.   Minimal improvement
Lines of Enquiry: Safeguard of Assets
Storage facilities are physically secure. 58% of sites visited were below the Agency's physical security standards. 43% of the sites visited were below the Agency's physical security standards. Minimal improvement
Access to storage facilities is controlled. 71% of sites visited did not continuously monitor access. 62% of the sites visited did not continuously monitor access. Minimal improvement
An inventory control system is in place. 6% of offices visited maintained an up-to-date inventory control log. 58% of offices visited maintained an up-to-date manual inventory control log. National procedures and system has not been developed. Moderate improvement
Lines of Enquiry: Compliance with Authorities
Seized goods are stored and packaged in compliance with authorities. Storage facilities for drugs, firearms and ammunition were not consistently compliant. Storage issues pertaining to perishables, use of bond rooms to store non-seized goods, drugs on open shelves, and firearms were observed. Minimal Improvement
Seized goods are disposed of in compliance with authorities. Non-compliance found in the disposal of drugs, firearms, and child pornography.

Weaknesses were identified in the management of Queen's warehouses, lack of segregation of duties and limited management oversight.
Disposal of drugs, firearms and child pornography were generally compliant.

Issues identified in 2009 remain prevalent at Queens Warehouses.
Significant improvement

No improvement

Progress definition legend:

Significant improvement:
Most weaknesses identified in the previous audit have been addressed, minor issues remain.
Moderate improvement:
Some weaknesses identified in the previous audit have been addressed, issues still remain.
Minimal improvement:
Some weaknesses in the previous audit have been addressed, key issues still to be addressed.
No improvement:
Weaknesses identified in the previous audit have not been addressed.

Appendix C – Acronyms

CBSA
Canada Border Services Agency
CSEC
Communications Security Establishment Canada
ICES
Integrated Customs Enforcement System
RCMP
Royal Canadian Mounted Police

Footnotes

Footnote 1

Framework for the Management of Risk, Treasury Board, 2010

Return to footnote 1 referrer

Footnote 2

The scope was from April 1, 2012 to March 31, 2013.

Return to footnote 2 referrer

Footnote 3

Enforcement Manual, Part 7, Customs Enforcement Systems, Information, and Intelligence, Chapter 1, "Integrated Customs Enforcement System (ICES) Policy", Canada Border Services Agency, 2009.

Return to footnote 3 referrer

Footnote 4

Comptrollership Manual – MM Volume, Chapter 4: Operation, Use and Maintenance; Section 12: Control of Seized, Detained, Abandoned and Forfeited Goods, Canada Border Services Agency.

Return to footnote 4 referrer

Footnote 5

Interior storage facilities – Bond rooms, evidence rooms, Queen's warehouses or any other seized goods storage facilities should be built to SR-1 standards outlined in the Royal Canadian Mounted Police (RCMP) publication Secure Rooms and in the Agency's Secure Room Standard.

Return to footnote 5 referrer

Footnote 6

Vehicle storage areas – Fencing guidelines are found in Agency publications such as Fencing and the Security Design of CBSA Facilities.

Return to footnote 6 referrer

Footnote 7

Comptrollership Manual – MM Volume, Chapter 4: Operation, Use and Maintenance; Section 12: Control of Seized, Detained, Abandoned and Forfeited Goods, Canada Border Services Agency.

Return to footnote 7 referrer

Footnote 8

Evidence Rooms – Control and Safeguarding of Evidence, 2009

Return to footnote 8 referrer

Footnote 9

Comptrollership Manual, Material Management Volume, Chapter 4, Section 12: Control of Seized, Detained, Abandoned and Forfeited Goods

Return to footnote 9 referrer

Footnote 10

Within bond rooms.

Return to footnote 10 referrer

Footnote 11

Within bond rooms.

Return to footnote 11 referrer

Date modified: