Vol. 149, No. 18 — May 2, 2015
Regulations Amending the Controlled Goods Regulations
Defence Production Act
Department of Public Works and Government Services
(This statement is not part of the Regulations.)
Controlled goods are items specifically designed or modified for military use; they include, among other things, items such as anti-tank weapons, bombs, torpedoes, mines, missiles, military vehicles (tanks), vessels (submarines), combat aircraft, and chemical, biological and radioactive material used for military purposes. The Controlled Goods Program (the Program), created in April 2001, is a domestic industrial security program administered by the Department of Public Works and Government Services (PWGSC, or the Department). The objective of the Program is to safeguard controlled goods within Canada, prevent controlled goods from being accessed by unauthorized persons, and strengthen Canada’s defence trade controls. The Program supports Canada’s national security framework by preventing the domestic proliferation of tactical and strategic goods (including technologies). It regulates the possession, examination, and transfer of controlled goods, including the defence articles contained in the United States Munitions List (USML) to the U.S. International Traffic in Arms Regulations (ITAR).
The Controlled Goods Regulations (the Regulations), made pursuant to the Defence Production Act (DPA), were registered on January 9, 2001, and came into force on April 30, 2001. The Regulations require individuals and companies that possess, examine or transfer controlled goods in Canada to register with the Program. The Program conducts security assessments of the applicant’s designated official (i.e. the company-appointed official who is responsible for performing the security assessment of employees), conducts inspections to ensure compliance with the Regulations, and grants exemptions to visitors, temporary workers and international students.
In 1954, the United States instituted the ITAR to implement provisions of the U.S. Arms Export Control Act to control the export and import of defence-related articles and services specified on the USML. For practical purposes, the ITAR prohibit the sharing of information and materials on the USML with non-U.S. persons without authorization from the U.S. Department of State or without an exemption. From the inception of the ITAR, Canada was the only country to benefit from exemptions allowing the licence-free import of certain defence articles. Canadian defence industries benefited from the Canadian exemptions, as these exemptions placed them on a quasi-equal footing with their U.S. counterparts and resulted in significant economic benefits from reduced export paperwork and approval timelines. In 1999, the United States unilaterally revoked the Canadian exemptions due to increased security concerns regarding the risk of diversion of defence articles for criminal or terrorist aims. Although the United States reinstated most of the pre-1999 ITAR exemptions with the implementation of the Controlled Goods Program, they maintained the access restriction by certain individuals with dual nationality and nationals from developing countries. Under this restriction, an end-user was prohibited from access to an ITAR-controlled good if he or she maintained citizenship of a proscribed country listed under the ITAR (e.g. North Korea, Iran, Sudan, Venezuela).
The application of the “dual national rule” caused various human rights complaints to be brought against employers in Canada who were denying access to ITAR-controlled articles based on an individual’s nationality, as the Canadian Charter of Rights and Freedoms protects individuals from discrimination based on nationality. In 2007, the Minister of Public Works and Government Services (the Minister) was given the lead to address this issue and began discussions with U.S. counterparts to identify solutions. In August 2011, an exchange of letters (EOL) between PWGSC and the U.S. Directorate of Defense Trade Controls (DDTC) was signed. As described below, the EOL served, in part, to resolve the dual national issue.
The pre-9/11 security environment in which the Program was created has also evolved. There is now increased security awareness of the risks posed by the diversion of military and strategic technology to support criminal and terrorist threats. In 2009, a threat and risk assessment identified potential security gaps in the Program. Concurrently with the exchanges with the U.S. DDTC on resolving the dual national issue, the Program developed the Enhanced Security Strategy (ESS). The purpose of the ESS was to address the security gaps identified through the risk assessment while fulfilling the commitments made through the EOL. In signing the EOL, the DDTC acknowledged that the enhancements to the Program made as part of the ESS satisfied the ITAR requirements for the screening of significant and meaningful associations and travel (i.e. under section 126.18(c)(2) of the ITAR rule). This in effect resolved the issue of individuals with dual nationality and nationals from developing countries.
Enhanced security strategy — Phase I
The implementation of the ESS was divided into two phases, the first of which was initiated in October 2011. Security and business enhancements brought to the Program through Phase I of the ESS were implemented under existing authorities and did not require immediate amendments to the Defence Production Act (DPA) or to the Controlled Goods Regulations (the Regulations). Phase I improvements included the following:
- Increased efficacy of the Program registration process. This was achieved by
- Increasing the assessment of ownership, including foreign ownership, by requiring owners with 20% or more of voting shares to submit a completed Security Assessment Application Form as part of the registration application process; and
- Requiring authorized individuals (i.e. the individual authorized by the applicant who signs to confirm that the application for registration of a person is accurate and complete) to submit a completed Security Assessment Application Form as part of the registration application process.
- Tightened security assessment procedures for both government and industry. This was achieved by
- Standardizing the security assessment procedures, such as developing a new Security Assessment Application Form and mandating that it be used by designated officials as part of the security assessment of employees;
- Applying a standardized risk matrix assessment tool across the board for all Program registrants;
- Creating a certification program for industry officials who are responsible for security assessments within their organization (i.e. designated officials);
- Requiring that designated officials submit fingerprint results as part of the application process;
- Increasing support provided to designated officials in the security assessments of moderate- and high-risk employees;
- Ensuring that students who access controlled goods undergo security assessments;
- Increasing the checks on temporary worker exemption applications by referring tombstone information (e.g. name, address, telephone number) to security and intelligence partners; and
- Acquiring an off-the-shelf analytical tool to evaluate additional security assessment-related information, and to analyze information received from security and intelligence partners and exchange information with these partners.
- Augmented compliance-related activities. This was achieved by
- Increasing Program capacity and outreach efforts to promote compliance, including telephone pre-inspection coaching and conducting a complete internal review of the compliance inspections processes; and
- Adding the requirement for the security plans of registrants to include transportation and cybersecurity considerations.
- Implemented structural and operational elements in support of the strategy. These included
- Creating three new divisions: Program Management and Learning Division (responsible for the certification program and external communications), Strategic Initiatives Division (responsible for liaising with the United States on export control and ITAR issues, drafting policy guidance, and amending the Regulations), and Intelligence and Analysis Unit (which liaises with security and intelligence partners and analyzes high-risk files); and
- Increasing capacity in the Operations Division to process additional security assessments (i.e. assessments of the authorized individuals and owners).
In addition to the steps taken under the ESS — Phase I, it was determined that three additional elements of the ESS required regulatory amendments for the Program to be implemented as intended. These amendments were deferred to Phase II and are intended to achieve the objectives under this phase. More specifically, the proposed amendments would
- Enable the Minister to make a recommendation to the designated official for high-risk employees submitted for further verifications and require that the designated official consider this recommendation;
- Enable the security assessment of a visitor and obtain the consent of the individual subject to that assessment; and
- Require registrants to submit a list, to the Minister, of individuals who have undergone a security assessment for access to controlled goods.
Although the Defence Production Act (DPA, or the Act) and the current Regulations provide the initial statutory and legal authority for ESS — Phase I, it has been determined that it would be beneficial to further clarify certain elements in regulations. More specifically, the current Regulations do not specify that the authorized individual (i.e. the individual who is responsible for signing and submitting the application for registration and renewal) and the owner(s) must undergo a security assessment, nor do they specify who is responsible for conducting that assessment. Furthermore, the information requested as part of a security assessment is not fully described under section 15 of the Regulations. Although subsection 15(6) provides that the Minister may take into consideration other information provided by a person, it does not state what this information may be. This lack of clarity under the current Regulations has been problematic for industry in some instances, particularly in regard to industry’s ability to demonstrate compliance with Program requirements.
Further, the current operational requirement that the designated official undergo certification is not included in the Regulations. Moreover, the Regulations do not include the requirement for the designated official to refer high-risk employees to the Program for further assessment. These fundamental elements of the Enhanced Security Strategy merit inclusion and clarification in the Regulations.
As described below, three ESS activities require regulatory authority in order to be implemented. Two of these activities would represent a minor change to existing practices, while the third would build on existing record-keeping requirements.
1. Enable the Minister to provide a recommendation to the designated official for high-risk employees
Although designated officials currently submit high-risk employee security assessments to the Program for further checks with security and intelligence partners, the Minister does not have the authority to make a recommendation to the designated official based on the findings of the additional security checks, nor does he or she have the authority to require the designated official to consider the recommendation as part of the determination. Currently, the Program communicates that the security assessment conducted by the designated official is either supported (i.e. confirmed) or not supported (i.e. could not be substantiated). Program stakeholders have communicated that the current response by the Program is not clear and that a recommendation would be more appropriate in supporting the designated official’s final determination.
2. Obtain the consent of the individual in the visitor exemption process
Under the current Regulations, an application for a visitor exemption is submitted by the registered person on behalf of the visitor, but the Regulations do not specify that a security assessment will be conducted, nor do they specify that the consent of the visitor is required for a security assessment. Consent is required for the Program to be able to consult security and intelligence partners regarding the security assessment, and the requirement for consent must be specified in regulations. These applications for visitor exemptions cannot currently be referred for further checks.
3. Require registrants to submit a list of all individuals who have undergone a security assessment
Another commitment made as part of the ESS was to collect information with regard to individuals who have access to controlled goods. The intent is to create a repository of information to facilitate exchanges with security and intelligence partners and, if necessary, to assist the Royal Canadian Mounted Police during the investigation of security breaches relating to controlled goods. Under the current Regulations (paragraph 10(b)), registrants must maintain records of security-assessed individuals authorized to access controlled goods. Paragraph 10(i) further stipulates that these records must be made available to the Minister at any reasonable time. However, under the current Regulations, the Program cannot request registrants to submit this information in a list format on a (routine) biannual basis.
This proposal would also address recommendations made by the Standing Joint Committee for the Scrutiny of Regulations, which has expressed concerns regarding the powers of the Minister under section 27, and the use of the phrase “without delay.” The Department has agreed to address these issues by clarifying the circumstances under which the Minister shall suspend, revoke, or re-instate a registration or exemption, and by prescribing time frames.
The proposed Regulations would amend the Controlled Goods Regulations, pursuant to the Defence Production Act. The purpose of this initiative is to consolidate existing requirements in the Regulations to add clarity and address remaining security gaps that have been identified. The proposed amendments to the Regulations seek to strike the right balance between supporting Canada’s national security objectives, fulfilling the commitments made to the U.S. Department of State by PWGSC in the 2011 EOL, maintaining the competitiveness of Canadian industry, and addressing gaps in the current framework.
The proposed amendments are intended to address the issues identified above, complete the implementation of the Enhanced Security Strategy and respond to the concerns raised by the Standing Joint Committee for the Scrutiny of Regulations. More specifically, the amendments to the Regulations are intended to achieve the following objectives:
- Reflect and clarify in the Regulations current Program practices implemented in Phase I of the Enhanced Security Strategy.
- Address the three ESS Phase II activities that require regulatory authority in order to be implemented.
- Address the concerns raised by the Standing Joint Committee for the Scrutiny of Regulations.
A brief summary of the key elements contained in the proposed amendments to the Regulations follows:
1. Reflect and clarify in the Regulations current Program practices implemented in Phase I of the Enhanced Security Strategy
In order to prevent the unauthorized diversion of controlled goods domestically and to effectively support the national security framework, persons who require access to controlled goods must be (i) registered with the Controlled Goods Program, (ii) exempt from registration, or (iii) excluded. The information required in applying for registration or renewal is stipulated in section 3 of the current Regulations. This section would be amended and a new section (3.1) would be added to reflect the following additional information required from businesses or individuals filing an application for registration or renewal:
- (1) The consent to a security assessment of persons who own 20% or more of the outstanding voting shares or interests, and an indication of the percentage that each person owns.
- (2) The designated official.
- (3) The consent to a security assessment of the authorized individual.
The above-mentioned security assessments would be conducted by the Minister. These practices were implemented in October 2011.
Since individual applicants are security-assessed by the Minister, the proposed Regulations would clarify that there is no requirement for an individual applicant to appoint a designated official, or for the individual applicant to undergo certification.
Security assessments evaluate the risk that an individual may pose in terms of the unauthorized transfer of controlled goods. The proposed amendments would further clarify in regulations processes that were implemented in October 2011 as part of Phase I of the Enhanced Security Strategy. More specifically, there are two “types” of security assessments described in the Regulations under sections 15 and 19; both sections would be expanded to include additional security-related risk factors. Section 15 concerns the assessments conducted by both the Minister and the designated official (i.e. the assessments of the authorized individual, owners with 20% or more of the voting shares, and the designated officials are conducted by the Minister, while the assessments of officers, directors, and employees are conducted by the designated official). Section 19 applies to assessments conducted by the Minister only in the context of applications for exemptions from registration.
A. Assessments conducted as per section 15 of the Regulations would also include the assessment of
- (a) History of travel outside of Canada and the United States; and
- (b) Significant personal and professional associations and relationships.
The proposed amendments would clarify that individuals who are the subject of the above-mentioned security assessment would be required to provide to the designated official or the Minister, as the case may be, for the purposes of establishing their identity, a copy of the following:
- (a) Evidence of the information requested in subsection 15(4). For example, the information provided with regard to the items listed below should be capable of being verified by the Minister or the designated official:
- (i) the individual’s full name and any previous names,
- (ii) his or her date and place of birth,
- (iii) all citizenships and, if applicable, permanent resident status of the individual, and
- (iv) any security clearance held, denied, suspended or revoked.
The Regulations would also include the condition that security assessments could be referred to security and intelligence partners for further verifications. The Regulations would also specify that high-risk security assessments of individuals conducted by the designated official are to be referred to the Minister for additional security checks with security and intelligence partners. Assessing risk is performed on a case-by-case basis, following an assessment of the following parameters: personal information, criminal history, travel history, financial risk, and significant and meaningful associations; and specific charges or convictions.
Assessments conducted under section 15 would be valid for a period of up to five years. Given this, the Regulations would be amended to specify that the record retention requirement would be to keep and maintain only the most recent security assessment. This measure is intended to relieve some of the burden on registrants vis-à-vis the regulatory requirement to maintain records of security assessments during the period of an individual’s employment.
B. Assessment conducted under section 18 of the Regulations — Temporary workers, international students, and visitors
Currently, a registered person can apply to the Minister to exempt a temporary worker or a visitor. This provision would also include international students. An international student would be defined as a person who is authorized by a study permit or by the Immigration and Refugee Protection Regulations to engage in studies in Canada and is not a director, officer or employee of a registered person. Further to the information requested in section 18, the Regulations would clearly stipulate the requirement for consent to the assessment by the international student and visitor, and, in the case of an international student, the following documents would be requested by the designated official: a copy of the student’s valid study permit, a letter from the academic institution at which they are authorized to study indicating that the work they are doing for the registered person is integral to those studies (if applicable), copies of all identity documents issued to them by the Government of Canada or any of its provinces, and the original results of a country-wide criminal record check from each country other than Canada that they have resided in during the five-year period immediately before the date of their consent to the security assessment. The last two of these elements apply to temporary workers as well.
A record-keeping requirement for visitor exemptions would also be included in the Regulations to align them with current operational procedures. These records would have to be maintained by the registered person until two years after the day on which the visitor ceases to carry out their duties.
Designated officials are responsible for the security assessment of officers, directors and employees within the registered entities and are the primary point of contact between Government and industry. In light of the importance of the designated official’s role in this partnership, the Regulations would include the requirement for them to obtain and maintain any certification required by the Minister.
2. Address the three ESS Phase II activities that require regulatory authority in order to be implemented
The Regulations would require registered persons to submit to the Minister the following information for all individuals who have been security-assessed by a designated official over the last six months: full name, date of birth, and whether the individual was authorized to access controlled goods. Although registered persons must currently make this information available to the Minister during compliance inspections or upon request, this systematic reporting requirement would facilitate the Department’s responsiveness during investigations or when addressing reported security breaches. This requirement would also support the registrant by ensuring that any new or previously unknown risks concerning an unauthorized diversion of controlled goods are mitigated through increased information sharing between the Government and industry.
Similarly, the proposed amendment is necessary because it would require consent to be obtained from any visitor to have their name referred to security and intelligence partners as part of the exemption process, which would allow for a more thorough assessment of an individual in a position to access a registrant’s controlled goods.
The amendments to the Regulations would enable the Minister to make a recommendation to the designated official in instances where a security assessment of a high-risk individual is referred by the designated official for further verifications. The designated official would be required to consider this recommendation in his or her assessment. The final decision of whether or not to grant access to an employee, director, or officer would remain with the designated official. This amendment is intended to better support the designated official in his or her functions by providing access to additional information (through the Minister), which should facilitate and substantiate a thorough decision.
3. Concerns of the Standing Joint Committee for the Scrutiny of Regulations (SJCSR)
Clarifying the decisional criteria for the revocation and suspension of registrations and exemptions
The Regulations currently detail the provisions for suspensions and revocations of registrations and exemptions from registrations, as well as define the circumstances under which the Minister would consider a suspension or revocation. It is proposed that the Regulations be amended to clarify the criteria for suspensions and revocations (section 27) as follows:
- (a) Suspension: the Minister has reasonable grounds to believe there is an undue risk of unauthorized transfer of controlled goods.
- (b) Revocation [subsection 27(4)]: the Minister is not satisfied with the actions taken following a suspension; the Minister determines that there is an undue risk and the actions or omissions were deliberate; or the company is bankrupt.
Clarifying the decisional criteria for the reinstatement of a suspended registration or exemption
It is proposed that the Regulations be amended to better articulate how the decision is made to reinstate a suspended or revoked registration or exemption. In addition, the discretionary power of the Minister would be removed as it pertains to reinstatement of a suspension or revocation in circumstances where there are no longer grounds for the suspension or the revocation was unfounded [i.e. the replacement of “may” with “shall” in subsection 27(3)]. The proposed amendments would reflect current practice with respect to suspensions and revocations.
Specifying a time period where the Regulations currently state “without delay”
Section 40 of the Defence Production Act requires information to be provided to the Minister “in the manner and time prescribed by regulation.” These amendments would prescribe a time frame for all relevant sections of the Regulations:
- Section 9: Registrants would be required to inform the Minister of any changes in any of the information contained in the application for registration within five business days. This section would also include the requirement to inform the Minister of the name and address of any person that will, as a result of an acquisition, own 20% or more of the outstanding voting shares or interests of the business by the later of 32 business days before the date of an acquisition or one business day after the day on which they become aware of an acquisition.
- Paragraph 10(h): Registrants would be required to inform the Minister within three days upon discovery of a potential security breach.
- Subsection 15(5): A person subject to a security assessment would be required to inform the Minister or the designated official, as the case may be, of any changes concerning criminal history within five business days.
- Subsection 19(3): Registrants would be required to inform the Minister within five business days of any changes in an application for exemption.
While other sections containing “without delay” were not identified by the Committee, amendments to the following subsection have been made and specific time frames provided for clarification and consistency:
- Subsection 27(6): Registrants would be required to provide a temporary worker, international student or visitor whose registration or exemption is subject to revocation or suspension with a copy of the notice from subsection 27(1), (2), (3) or (4) within one business day from the time that it is received from the Minister.
Regulatory and non-regulatory options considered
The options outlined below provide an overview of the alternatives that were considered.
Option 1: Leave the existing Regulations in place (i.e. maintain the status quo)
The status quo is not considered to be a viable option. The existing regulatory requirements do not fully address certain activities required to address potential security gaps. Furthermore, the Committee recommendations can only be addressed through regulatory amendments.
Option 2: Address the identified issues in policy
Phase I of the Enhanced Security Strategy was implemented through policy and operational changes. However, following an assessment of the various elements and possible gaps that were identified, it has been determined that a clear regulatory framework for registrants that incorporates all regulatory obligations is necessary in order to administer the Program as intended. Additionally, elements from Phase II and the recommendations of the Committee could not be addressed in policy. This option would not permit the completion of the strategy.
Option 3: Amend the existing Regulations to include enhanced requirements (recommended option)
Amending the existing Regulations would allow the Department to meet the objectives stated above while enabling the Controlled Goods Program to deliver on its mandate to safeguard controlled goods against unauthorized transfer.
Benefits and costs
Stakeholders of the Program include firms or associations involved in the aerospace, defence, satellite and security sectors; sole proprietors; consultants; academic institutions; and museums. While the list of Program stakeholders is extensive, the Canadian aerospace, defence and security industries constitute the “principal” stakeholder group. The companies from these industries represent the largest percentage of registrants and are considered to be the Program’s main clients. There are also a number of government departments who either use controlled goods (for example the Department of National Defence) or are impacted by national security considerations.
PWGSC is aware of the need to weigh the consequences of any change on industry while ensuring national security concerns are fully met. Below is a short analysis of the estimated costs and qualitative impacts (positive and negative) by stakeholder group. It should be noted that no new costs are anticipated for the Canadian public or government as a result of this proposal. Any costs associated with new activities will be strictly limited to the registrant’s time in obtaining a signature (in the case of visitor exemptions), considering the Minister’s response (in the case of referrals of high-risk individuals), and emailing the list of records (in the case of submitting a list of security-assessed people). The Controlled Goods Program will not require additional capacity or tools to sustain these activities.
Overview of estimated costs
|Cost-benefit statement||Base Year (2014)||Final Year (2023)||Total (Present Value) [10 Years]||Average Annual (Present Value)|
|A. Quantified impacts ($)|
|Benefits||Large / medium businesses||$0||$0|
|Costs||Large / medium businesses||$58,448||$19,260||$289,147||$41,168|
|Net administrative costs||$859,957||$122,439|
|B. Qualitative impacts|
|Short list of qualitative impacts by stakeholder|
|Canadians and the Canadian economy||
|Canada–United States relations||
|Industry and other stakeholders||
Canadians and the Canadian economy
These amendments are intended to ensure that Canada, particularly the Canadian defence, aerospace, satellite and security industries, continues to benefit from its privileged defence trade relationship with the United States and access to this important market. This is primarily accomplished in this context by supporting the maintenance of Canada’s U.S. ITAR exemptions.
The proposed Regulations seek to increase the efficiency of the Program in protecting against “intangible technology transfer” and industrial espionage. No new costs for Canadians are foreseen, except those identified for industry.
The proposed amendments will add clarity and transparency with respect to the ESS — Phase I, but would not result in a change of direction operationally either for the Program or for Program registrants.
The changes related to the proposed amendments that are required to implement the ESS Phase II activities would be made using existing resources. These proposed amendments would be incorporated into processes currently in place (i.e. the existing processes surrounding the security assessment referrals of high-risk individuals, visitor exemptions, and the record keeping of security- assessed individuals). Consequently, no new costs are foreseen for the Canadian government.
Canada–United States relations
This proposal would codify in regulations the current practice of assessing the following key risk indicators:
- travel frequency, duration, and location; and
- significant and meaningful associations (foreign and domestic).
These practices were implemented in the ESS — Phase I to strengthen the security around controlled goods. Specifically, stipulating these enhancements in regulations is intended to help maintain the high confidence that the United States has in Canada’s controlled goods regulatory regime and continue to support the ITAR exemptions (section 126.18(c)(2)). No costs are foreseen.
Industry and other stakeholders (registrants)
One of the main objectives of these regulatory changes is to bring clarity to the framework to provide registered persons with a better understanding of the Program’s requirements and their regulatory obligations. Consequently, only elements which would result in new incremental practices and/or requirements were evaluated.
The calculations included herein focus on the following three activities:
- Consideration of a recommendation provided by the Minister to a designated official for referrals of high-risk employees;
- Obtaining the consent of the individual in the visitor exemption process; and
- Submitting twice annually the list of security-assessed individuals to the Minister.
As detailed below, it is anticipated that the first two regulatory amendments would only affect a small portion of current registrants, with an average of 15 % (76 of 498) of the medium and large registrants and 15% (311 of 2 055) of small registrants. The anticipated costs of the third element were applied to large, medium and small registrants. Given that 52% of the Program participants are small businesses (versus only 12% for medium/large businesses), this would be the most affected class of registrants. However, the cost to each small business is anticipated to be less than the anticipated cost to each medium/large business. The overall cost for small business will be greater since there are more small registrants in the Program compared to the number of medium/large businesses. The total cost of the new administrative burden to industry is estimated to be a present value (PV) of $122,439 annually ($859,957 PV over 10 years).
There would be no new compliance costs as a result of these Regulations.
None of the above amendments are expected to affect, in any significant way, individual registrants or sole proprietors. In the last three years, there have been no instances of individual registrants or sole proprietors submitting a visitor exemption request or a security assessment referral for a high-risk employee. This trend is not expected to change. Furthermore, this group would not be expected to have, or to submit, a list of employees.
The proposed amendments to the Regulations are considered to be an “IN” under the “One-for-One” Rule. These amendments are expected to marginally increase the administrative costs for some Program registrants, particularly those who process a high number of high-risk security assessments. These registrants fall mostly in the medium to large business category, which is less than 12% of the total number of program registrants.
The net present value (NPV) is $859,957 over a 10-year period using a discount rate of 7% and the annualized present value would be $122,439.
|Cost-benefit statement||Base Year (2014)||Final Year (2023)||Total (Present Value) [10 Years]||Average Annual (Present Value)|
|A. Quantified impacts $|
|Familiarization with new obligations related to the proposed amendments.||Large / medium businesses||$23,039||$0||$23,039||$3,280|
|Consider the recommendation of the Minister with regard to the risk level of employees submitted to the Controlled Goods Program for further verifications.||Large / medium businesses||$6,807||$3,703||$51,158||$7,284|
|Obtain consent form from visitor for exemption requests.||Large / medium businesses||$17,734||$9,646||$133,272||$18,975|
|Submit list of security-assessed individuals to the Controlled Goods Program every six months.||Large / medium businesses||$10,868||$5,912||$81,678||$11,629|
|Net administrative costs — discounted to 2014||$859,957||$122,439|
|Net administrative costs — discounted to 2012||$751,120||$106,943|
Note: The value counted under the “One-for-One” Rule is $106,943.
Cost per small business
The anticipated increase in administrative costs per small business is $278 (NPV) over a 10-year period. This new cost would only apply to approximately 15% of small businesses registered in the Program. Not all small businesses would be affected by the proposed amendments to the Regulations under in Phase II. Statistical analysis from fiscal year 2012–2013 showed that
- 0.1% of small businesses (2) submitted a request for further verification in regard to high-risk employees;
- 1.2% of small businesses (24) requested visitor exemptions through the Program; and
- 34.9% of small businesses (716) would be required to submit a list of security-assessed individuals every six months to the Program.
These figures exclude individual registrants and sole proprietors.
When the percentage of small businesses affected in the calculations is factored in, the annual average NPV administrative cost increase is estimated to be $40 per affected small business.
Small business lens
The costs associated with this proposal are less than $1 million annually; consequently, the small business lens would not apply.
Any potential increases in administrative costs that (may arise from the three proposed amendments relating to Phase II of the ESS are estimated to be low overall (see table above). Small businesses do not submit a large number of referrals of high-risk employees or visitor exemptions (two of the three activities). These Program activities are primarily undertaken by medium and large businesses. Anticipated costs were validated with stakeholders via a survey administered electronically in February and March 2014 and again with members of the Controlled Goods Program’s Industry Engagement Committee in October 2014.
Since 2010, the Controlled Goods Program’s largest stakeholders have been given the opportunity to provide input on these proposed Regulations through a series of consultation and communications activities.
Status updates with regard to the rollout of the ESS were made through the regular posting of information bulletins on the Controlled Goods Program’s Web site. The Controlled Goods Program continued its involvement in various outreach activities, including trade shows and conferences. Upcoming regulatory amendments have been communicated, specifically how they pertain to aligning the Regulations with ESS changes implemented by the Program in October 2011.
Industry stakeholders (registrants)
This proposal contributes to the improved global competitiveness of the Canadian aerospace, defence and satellite sectors. As a result of the increase in clarity, registrants should have a better understanding of policy and regulatory requirements. Registrants have been supportive of these proposed efforts to standardize the application of the registration and security assessment process across the industry, and are expected to benefit from the increase in guidance from the Minister in terms of training and high-risk employee situations.
Industry and stakeholder departments and agencies were consulted in the development of the ESS Phase I through the Controlled Goods Program Industry Advisory Board. Concerns were raised by stakeholders in the months following the implementation of the ESS Phase I. These included the level of information required for security assessments, the increase in demands placed on designated officials (including the cost of certification), and the sharing of personal information with foreign governments. In the months following the October 2011 launch of the ESS, PWGSC met with stakeholders to address their concerns.
In January 2012, the Industry Engagement Committee (IEC) was established (replacing the Controlled Goods Program Industry Advisory Board) in order to engage industry on an ongoing basis regarding the impacts on industry of any Program changes, including legislative and regulatory changes, while ensuring national security concerns are fully addressed. The IEC is comprised of five aerospace and defence companies, four industry associations, one educational association, and one consulting firm. Together, these industry members represent a broad cross-section of the aerospace and defence industries. Since its inception, the IEC has met monthly and has provided advice to PWGSC regarding the Program. These efforts have served to inform the development of the proposed regulatory amendments and increase the level of stakeholder support and comprehension.
Workshops were offered by PWGSC to designated officials between September 2011 and April 2012 to provide training on new Program requirements for security assessments. Expanded educational and certification measures, combined with standardized assessment procedures, helped to ensure that Canadian companies remain aware of their obligations under the proposed new rules and increased compliance with Program requirements, all of which serve to facilitate the safeguarding of controlled goods.
Lastly, the proposed amendments were presented to the Industry Engagement Committee for feedback in November 2014. IEC member feedback was positive and integrated into the proposal, where appropriate. This included the recommendation to add a provision or new section regarding change in ownership that would require of an advance notice. The members also recommended that assumptions used to develop the estimated costs be explicitly stated to help mitigate any confusion on the part of stakeholders regarding the anticipated level of effort associated with the new requirements. A document detailing the assumptions was prepared and is available upon request.
Other federal departments
Government departments that could have been affected by the proposed changes were consulted. There were no outstanding concerns.
It is expected that the U.S. government would continue to be supportive of the proposed amendments to the Regulations. The most recent bilateral meeting served, among other things, to update the U.S. government on the continued implementation of the Enhanced Security Strategy in the Controlled Goods Program. No concerns were raised by the U.S. government regarding this proposal.
Implementation, enforcement and service standards
The proposed Regulations will come into force on the day on which they are registered.
These Regulations do not alter existing compliance provisions under the Defence Production Act. Compliance and enforcement measures for all registered persons will continue to include compliance inspections that monitor, but are not limited to, the following conditions of registration:
- Appointing a designated official;
- Establishing and maintaining a security plan;
- Maintaining records;
- Providing training to officers, directors, employees and temporary workers;
- Providing security briefings to visitors;
- Reporting security breaches; and
- Making available all records to the Minister and reporting any change in the application submission.
In line with the Government of Canada’s Red Tape Reduction Action Plan initiative “Improving Service Performance for Regulatory Authorizations,” service standards and performance targets for all regulatory authorizations were established for the Program, as follows:
|Program Activity||Proposed Service Standard||Service Standard Target|
|Registration (new and renewal)||32 business days||80% processed within standard|
|Security assessments||32 business days||80% processed within standard|
|Temporary worker exemptions||30 business days||80% processed within standard|
|Visitor exemptions||10 business days||80% processed within standard|
It should be noted that a number of activities carried out by the Controlled Goods Program require input from other departments or agencies (e.g. the Royal Canadian Mounted Police and the Canadian Security and Intelligence Service), subject to their own service standards and timelines. The response time may consequently be extended in cases where one or more of the following conditions exist:
- Adverse findings or external file referral;
- Inability to make contact with references provided or the authorized individual; and
- The designated official has not successfully completed the required training or has failed the certification exam.
Processing delays may result where additional verifications and collaboration with other departments or agencies are required. Applicants will receive a notice of extension within the service delivery window (i.e. 32 days) should service standard delays be anticipated.
In addition, Program registrants are expected to benefit from the precisions being proposed to replace the numerous references to “without delay” throughout the Regulations. These measures should improve the client service experience and service delivery.
Program stakeholders and clients were consulted on service standards from November 2013 to May 2014 and are supportive of the proposal.
A report on the performance of the CGP relative to its service standard will be provided annually to Parliament through two tables of PWGSC’s Departmental Performance Report found in the Supplementary Information section. Performance will also be reported on the CGP main Web page. The Program will also report on performance against targets on an annual basis on PWGSC’s Acts and Regulations Web page, which can be found at http://www.tpsgc-pwgsc.gc.ca/lr-ar/index-eng.html.
Performance measurement and evaluation
This initiative is largely intended to clarify the existing requirements in the Regulations that apply to persons accessing controlled goods in Canada.
To evaluate whether the Regulations are adequately understood, inquiry, inspection and compliance data will be assessed following the implementation period to determine whether there are any trends associated with non-compliance that might suggest that sections of the Regulations are not understood by all or particular groups of regulated parties.
Ongoing environmental scans would be used to identify any issues or situations concerning the domestic regulation of controlled goods that could have unintended consequences as a result of this initiative.
Controlled Goods Program
Industrial Security Sector
Public Works and Government Services Canada
2745 Iris Street
Notice is given that the Governor in Council, pursuant to section 43 (see footnote a) of the Defence Production Act (see footnote b), proposes to make the annexed Regulations Amending the Controlled Goods Regulations.
Interested persons may make representations concerning the proposed Regulations within 30 days after the date of publication of this notice. All such representations must cite the Canada Gazette, Part I, and the date of publication of this notice, and be addressed to Pascal Girard, Director, Controlled Goods Directorate, Public Works and Government Services Canada, 2745 Iris Street, Ottawa, Ontario K1A 0S5 (email: email@example.com).
Ottawa, April 23, 2015
Assistant Clerk of the Privy Council
REGULATIONS AMENDING THE CONTROLLED GOODS REGULATIONS
1. (1) The definition “visitor” in section 1 of the Controlled Goods Regulations (see footnote 1) is replaced by the following:
“visitor” means an individual — other than an international student — who is not an officer, director or employee of a person registered under these Regulations and who is not
- (a) a Canadian citizen ordinarily resident in Canada; or
- (b) a permanent resident ordinarily resident in Canada. (visiteur)
(2) Section 1 of the Regulations is amended by adding the following in alphabetical order:
“business day” means a day other than a Saturday or a holiday. (jour ouvrable)
“international student” means an individual who is authorized by a study permit or by the Immigration and Refugee Protection Regulations to engage in studies in Canada and who is not an officer, director or employee of a person registered under these Regulations. (étudiant étranger)
2. The heading “REGISTRATION” before section 2 of the Regulations is replaced by the following:
REGISTRATION AND REGISTERED PERSONS
3. (1) Paragraphs 3(d) to (f) of the Regulations are replaced by the following:
- (d) the name and address of any owner of 20% or more of the outstanding voting shares or interests of the business and the percentage that each owns;
- (e) the name, date of birth, position, telephone number and, if applicable, facsimile number and email address of the individual who is proposed to be appointed as the designated official;
(2) Paragraph 3(i) of the Regulations is replaced by the following:
- (i) a statement signed and dated by an individual authorized for that purpose, stating that the information contained in the application is accurate and complete.
4. The Regulations are amended by adding the following after section 3:
3.1 The application shall be accompanied by the consent of the following individuals to a security assessment to be conducted by the Minister in accordance with section 15, including their consent to the disclosure of their personal information to — and its use by — Canadian government entities and credit reporting agencies for the purpose of that assessment:
- (a) each owner referred to in paragraph 3(d) that is an individual;
- (b) the proposed designated official referred to in paragraph 3(e), unless they were subjected to a security assessment in accordance with section 15 within the previous five years; and
- (c) the authorized individual referred to in paragraph 3(i).
5. Section 4 of the Regulations is replaced by the following:
4. In deciding whether to register an applicant, the Minister shall assess, based on the security assessments referred to in section 3.1 and any other information obtained in respect of the applicant, the extent to which the applicant poses a risk of transferring a controlled good to a person who is neither registered nor exempt from registration.
6. Section 9 of the Regulations is replaced by the following:
9. (1) Every applicant and registered person shall advise the Minister of any change in any of the information contained in or accompanying the application for registration within five business days after the day on which they become aware of the change.
(2) A registered person shall, by the later of 32 business days before the date of an acquisition or one business day after the day on which they become aware of an acquisition, advise the Minister of the name and address of any person that will, as a result of the acquisition, own 20% or more of the outstanding voting shares or interests of the business.
7. (1) Paragraph 10(b) of the Regulations is replaced by the following:
- (b) that the person keep records of the most recent security assessment in respect of each of their officers, directors, employees, temporary workers, international students and visitors who examine, possess or transfer controlled goods and maintain those records — as well as supporting documentation — for a period of two years after the day on which the individual in question ceases to act in that capacity;
(2) Paragraph 10(c) of the French version of the Regulations is replaced by the following:
- c) elle conserve copie de la preuve visée au paragraphe 16(2) pendant la période de deux ans suivant la date à laquelle la personne physique exemptée cesse d’avoir accès à ses marchandises contrôlées;
(3) Paragraph 10(d) of the Regulations is replaced by the following:
- (d) that the person meets the requirements set out in section 11 and subsection 12(1);
(4) Subparagraph 10(e)(iii) of the French version of the Regulations is replaced by the following:
- (iii) énonce les responsabilités de son organisation de sûreté et indique le nom des personnes physiques qui sont responsables de la sûreté des marchandises contrôlées,
(5) Paragraph 10(h) of the Regulations is replaced by the following:
- (h) that the person advise the Minister of any actual or potential security breach in relation to controlled goods within three days after the day on which they discover the breach;
(6) Section 10 of the Regulations is amended by adding “and” at the end of paragraph (i) and by adding the following after that paragraph:
- (j) that the person submit to the Minister, every six months, the name of each individual in respect of whom the designated official conducted a security assessment during the previous six months, as well as the individual’s date of birth and an indication of the extent to which they were authorized to access controlled goods.
8. Sections 11 and 12 of the Regulations are replaced by the following:
11. An applicant for registration or a registered person may propose to appoint as a designated official only
- (a) themselves, if they are an individual; or
- (b) one of their officers, directors or employees who is either a Canadian citizen ordinarily resident in Canada or a permanent resident ordinarily resident in Canada and who has obtained — or will obtain before the appointment is made — any certification required by the Minister.
12. (1) A registered person shall ensure that a designated official is subjected to a security assessment in accordance with section 15 before their appointment and at least once every five years.
(2) An individual in respect of whom a security assessment is required under subsection (1) shall provide their consent to the security assessment, including their consent to the disclosure of their personal information to — and its use by — Canadian government entities and credit reporting agencies for the purpose of that assessment.
(3) The Minister shall, on the basis of the security assessment, accept or reject the individual as a designated official and shall notify the registered person of the acceptance or the reasons for rejection.
9. Section 13 of the Regulations is replaced by the following:
13. Every registered person shall ensure that the designated official
- (a) in respect of each officer, director and employee who is not a temporary worker of the registered person and who requires in the course of their duties access to controlled goods,
- (i) conducts, at least once every five years and with the consent of the individual concerned, including their consent to the disclosure of their personal information to — and its use by — Canadian government entities and credit reporting agencies for the purpose of the assessment, a security assessment in accordance with section 15,
- (ii) determines, on the basis of the security assessment, the extent to which the individual concerned poses a risk of transferring a controlled good to a person who is neither registered nor exempt from registration,
- (iii) if the designated official is of the opinion that the individual concerned poses a high risk, requests that the Minister conduct his or her own security assessment in respect of the individual concerned and provides to the Minister, for the purpose of carrying out that assessment, all information and evidence obtained by the designated official under subsections 15(2), (4) and (5),
- (iv) considers any recommendation provided by the Minister under subsection 15.1(2), and
- (v) decides the extent to which the registered person ought to authorize the individual concerned to examine, possess or transfer controlled goods;
- (b) verifies the information provided to them by temporary workers, international students and visitors for the purpose of applications for exemption submitted under section 18; and
- (c) obtains and maintains any certification required by the Minister.
10. Sections 14 and 15 of the Regulations are replaced by the following:
14. (1) The registered person shall be bound by the decision of the designated official under subparagraph 13(a)(v).
(2) An authorization by the registered person applies to an officer, director or employee only when that individual is acting in the course of their duties with the registered person.
15. (1) The Minister shall conduct a security assessment in respect of all proposed designated officials and all individuals referred to in paragraphs 3(d) and (i), and the designated official shall conduct a security assessment in respect of all officers, directors and employees referred to in paragraph 13(a), having regard to the information provided under subsection (4).
(2) In conducting the security assessment, the Minister may also have regard to other information provided by any person and the designated official may have regard to other information provided by the Minister if the Minister or the designated official, as the case may be, has reasonable grounds to believe that the information is necessary to determine the extent of the risk referred to in subsection (3).
(3) The purpose of the security assessment is to determine the extent to which the individual being assessed poses a risk of transferring a controlled good to a person who is neither registered nor exempt from registration.
(4) The individual who is the subject of the security assessment shall provide the Minister or the designated official, as the case may be, with the following information and, on request, any additional information or evidence that the Minister or the designated official requires to verify it:
- (a) their name and any previous names;
- (b) their date and place of birth;
- (c) all citizenships and any permanent resident status;
- (d) personal references; and
- (e) a description, in respect of the five-year period immediately before the day on which the individual consents to the assessment, of their
- (i) criminal history,
- (ii) places of residence,
- (iii) education and employment history,
- (iv) financial history,
- (v) history of travel outside of Canada and the United States, including any denial of entry into another country,
- (vi) significant personal and professional associations and relationships that could affect the extent to which the individual poses a risk of transferring a controlled good to a person who is neither registered nor exempt from registration, and
- (vii) any security clearance held, denied, suspended or revoked.
(5) An individual who is or has been the subject of a security assessment shall advise the Minister or the designated official, as the case may be, of any change concerning their criminal history within five business days after the day on which the change occurs.
(6) The Minister or the designated official, as the case may be, shall reconduct a security assessment if new information is received or if there are other reasonable grounds for doing so.
15.1 (1) If a request is made to the Minister under subparagraph 13(a)(iii), the Minister shall conduct the security assessment of the individual concerned in accordance with section 15.
(2) The Minister shall advise the designated official of his or her recommendation respecting the extent to which the individual concerned poses a risk of transferring a controlled good to a person who is neither registered nor exempt from registration and the extent to which, in the Minister’s opinion, the individual ought to be authorized to examine, possess or transfer controlled goods.
11. Section 17 of the Regulations is replaced by the following:
17. A temporary worker, international student or visitor is eligible for exemption from registration only if a registered person submits to the Minister an application on their behalf in accordance with section 18.
12. Sections 18 and 19 of the Regulations are replaced by the following:
18. A registered person may apply to exempt a temporary worker, international student or visitor from registration by sending to the Minister, on a form supplied by the Minister, an application that contains
- (a) the name of the registered person;
- (b) the name, any previous names, date of birth and citizenships of the temporary worker, international student or visitor;
- (c) in the case of a visitor, their address and the name and address of their employer, if applicable;
- (d) a description, including the country of origin if other than Canada, of the controlled goods that the temporary worker, the international student or the visitor will examine, possess or transfer;
- (e) the expected duration of the temporary worker’s employment or of the international student’s placement with the registered person or the expected duration and purpose of the visit; and
- (f) a statement signed and dated by the designated official, stating that
- (i) the individual for whom the exemption is being sought meets the requirements of the definition of temporary worker, international student or visitor, as the case may be,
- (ii) in the case of a temporary worker or international student, the designated official has contacted their personal references, and
- (iii) the information contained in and accompanying the application is accurate and complete.
18.1 (1) An application for exemption from registration shall be accompanied by the consent of the temporary worker, international student or visitor to a security assessment to be conducted in accordance with section 19, including their consent to the disclosure of their personal information to — and its use by — Canadian government entities for the purpose of the assessment, as well as a copy of their valid passport.
(2) In the case of a temporary worker or international student, the application shall also be accompanied by their consent to the disclosure of their personal information to — and its use by — credit reporting agencies for the purpose of the security assessment, as well as
- (a) copies of all identity documents issued to them by the Government of Canada or any province;
- (b) evidence that they are authorized to work or study in Canada, as the case may be, and, in the case of an international student, a document from the academic institution at which they are authorized to study indicating that the work they are doing for the registered person is integral to those studies;
- (c) personal references;
- (d) a description, in respect of the five-year period immediately before the day on which they consent to the assessment, of their
- (i) criminal history,
- (ii) places of residence,
- (iii) education and employment history, and
- (iv) history of international travel outside of Canada and the United States, including any denial of entry into another country; and
- (e) the original results of a country-wide criminal record check conducted by the relevant authorities in every country other than Canada in which they resided during the period referred to in paragraph (d).
(3) The temporary worker and the international student shall, on request, provide the designated official with any additional information or evidence that the designated official requires to verify the information provided under subsection (2).
19. (1) The Minister shall conduct a security assessment in respect of all temporary workers, international students and visitors in respect of whom an application for exemption from registration has been made under section 18, having regard to the information provided under section 18.1 and any other information that the Minister has reasonable grounds to believe is necessary to make a decision under section 20.
(2) The purpose of the security assessment is to determine the extent to which the individual being assessed poses a risk of transferring a controlled good to a person who is neither registered nor exempt from registration.
(3) The registered person shall advise the Minister of any change in any of the information contained in or accompanying an application for exemption within five business days after the day on which the change occurs.
(4) The Minister shall reconduct a security assessment if new information is received or if there are other reasonable grounds for doing so.
13. Section 20 of the Regulations is replaced by the following:
20. The Minister shall, on the basis of the security assessment conducted under section 19, decide whether to approve or deny the application for exemption from registration.
14. Section 21 of the Regulations is replaced by the following:
21. (1) If the Minister approves an application for exemption, the Minister shall provide a certificate of exemption from registration to the registered person that sets out the period for which the exemption is valid and any conditions under which the temporary worker, the international student or the visitor concerned may examine, possess or transfer controlled goods.
(2) The registered person shall provide the temporary worker, the international student or the visitor with a copy of the certificate.
15. The heading before section 25 and sections 25 and 26 of the Regulations are repealed.
16. Section 27 of the Regulations is replaced by the following:
27. (1) If the Minister has reasonable grounds to believe that a registered person or an exempt individual poses an undue risk of transferring a controlled good to a person who is neither registered nor exempt from registration, the Minister shall suspend the registration or the exemption.
(2) The Minister shall revoke the registration or the exemption if he or she determines that the registered person or the exempt individual poses an undue risk of transferring a controlled good to a person who is neither registered nor exempt from registration and that
- (a) a material fact was, with the intent to mislead, deliberately omitted from or misstated in the application for registration or exemption or in connection with a security assessment referred to in section 3.1, 12 or 19; or
- (b) the registered person or the exempt individual is bankrupt.
(3) The Minister shall reinstate the registration or the exemption if, within 30 days after the date of the notice of suspension or revocation, the registered person makes representations to the Minister that satisfy him or her
- (a) that there are no longer grounds for the suspension; or
- (b) that the revocation was unfounded.
(4) If the registered person does not, in the case of a suspension, meet the requirements of subsection (3), the Minister shall revoke the registration or the exemption.
(5) The Minister shall provide to the registered person notice with reasons of any decision to suspend or to revoke a registration or exemption, or not to reinstate a revoked registration or exemption despite representations being made, as well as notice of any decision to reinstate a registration or exemption.
(6) The registered person shall, within one business day after the day on which they receive a notice from the Minister concerning the exemption of a temporary worker, international student or visitor, provide to that individual a copy of the notice.
COMING INTO FORCE
17. These Regulations come into force on the day on which they are registered.