Executive Summary
Archived - Accounts Receivable Ledger
We have archived this page on the web
The information was accurate at the time of publishing but may no longer reflect the current state at the Canada Border Services Agency. It is not subject to the Government of Canada web standards.
The CBSA launched the Accounts Receivable Ledger (ARL) solution, which is based on the SAP Public Sector Collections and Disbursement (PSCD) software module. This solution enables the CBSA to track duties and taxes payable on the importation of commercial goods by client account – rather than by transaction. The solution encompasses connections to multiple existing CBSA applications and databases. The ARL solution is integrated with the Revenue Ledger and is the solution that replaces the legacy Temporary Accounts Receivable System (TARS).
For the most part, the information held within the ARL is commercial in nature: corporate contact information, corporate business numbers and carrier codes. ARL will hold information about importers, carriers, duty free shop operators, warehouse operators and customs brokers. In rare circumstances, the importers or carriers may be small, sole proprietors and, in those cases, the identity, CRA-issued Business Numbers and even carrier codes would be considered personal information. It is for this reason that the CBSA has completed a Privacy Impact Assessment (PIA).
The ARL solution tracks import duties and taxes, monitors payments and facilitates reimbursements in the event of an overpayment by importers. This process requires connections with the Canada Revenue Agency (CRA) and with Public Services and Procurement Canada (PSPC). The tombstone information held within the ARL is derived from CBSA legacy databases, originating from the CRA, and is referred to as "Client Master Data." Information (such as Business Numbers and contact information) may be validated for accuracy against existing collections of tombstone information held within CRA databases.
In April 2015, the first component of ARL, known as Client Master Data, was successfully implemented, cleansing the legacy client master data (tombstone information) and populating the new SAP - ARL system. The second component of ARL, enabling ePayments, was implemented in May 2015. The third component, known as R1C (the release for which this PIA was completed) built on these components, enabling an accounts receivable sub-ledger, transitioning commercial activity clients and enabling account billing, invoicing and collections. This final component of ARL was successfully implemented on January 25, 2016.
The personal information contained within the ARL solution is limited to the name/contact information of individual commercial importers, signature, language preference, CRA-issued Business Number and their carrier code (for transporters). The information will be used to track import duties and taxes and to communicate transaction information to the CRA.
General legal authority is derived from the Canada Border Services Agency Act, the Customs Act, the Customs Tariff, the Excise Act, the Excise Tax Act and the Special Import Measures Act. Specific legal authority derives from section 107 of the Customs Act.
Information will be stored in the ARL software application. In addition, information may be stored in the Customs Commercial System (CCS), Traveller Entry Processing System (TEPS), Batch Accounting Reporting K32 System (BARKS) and Automated Monetary Penalty System (AMPS).
Basic contact information will be leveraged by the CBSA to communicate with clients for newsflashes, outage bulletins and to communicate any urgent information.
Right of Access and Accountability
Processes related to information access rights, information requests and information related concerns are clearly described on the CBSA website as follows:
- The personal information related to the ARL will be held for six complete fiscal years before being destroyed. Because the information originates with the CRA, CBSA encourages individuals to file requests for access and records corrections directly with the CRA citing CRA PPU 223 Business Number Registration and/or Excise and GST/HST Rulings and Interpretations CRA PPU 092. Further information about this activity is described within the CBSA Info Source Chapter under the Personal Information Bank CBSA PPU 1501 which is detailed at http://www.cbsa-asfc.gc.ca/agency-agence/reports-rapports/pia-efvp/atip-aiprp/infosource-eng.html.
- Access to personal information or corporate records related to the ARL is facilitated by a request to the Access to Information and Privacy Division of CBSA http://www.cbsa-asfc.gc.ca/agency-agence/reports-rapports/pia-efvp/atip-aiprp/menu-eng.html.
- Concerns about the collection, use, disclosure or retention of personal information, are to be addressed by issuing a complaint to CBSA Access to Information and Privacy Division.
- For any information received via the online Feedback Form, such as compliment, comment or complaint, the user is informed of the program purpose, as well as the related collection, use, disclosure and retention practices.
Conclusions
Limited administrative risks were noted during the PIA process:
- While the Record Disposition Authority (RDA) and associated retention disposition standards have been identified, the ARL is not currently designed to identify records that are eligible for disposal. It is the intention of the CBSA ARL project team to build this function prior to the (six full year) retention date being met.
- Currently, there is no institution-specific Personal Information Bank (PIB) registered for the collection. Historically, the CBSA has relied on the standard Accounts Receivable PIB. Registering an institution-specific PIB that documents the indirect collection, as well as disclosures to the CRA and PWGSC would be a more transparent approach. A PIB was drafted during the PIA process.
- Opportunities exist to strengthen the Memorandum of Understanding between the CRA and the CBSA, specifying retention and disposition requirements, documenting access points internal to the CBSA as well as documenting which organization should be responsible for handling any requests for access to information under the Privacy Act.
- As the information is collected indirectly through CRA, there is no obligation for the CBSA to provide notice to the individual clients. It was noted, however, that neither the related CRA PIB, nor the Business Number application form reference disclosure of this information to the CBSA. While this is not a risk for the CBSA, CRA has been contacted and informed of this omission.
- Date modified: