Vol. 150, No. 14 — July 13, 2016
Registration
SOR/2016-201 June 22, 2016
DEFENCE PRODUCTION ACT
Regulations Amending the Controlled Goods Regulations
P.C. 2016-628 June 21, 2016
His Excellency the Governor General in Council, on the recommendation of the Minister of Public Works and Government Services, pursuant to section 43 (see footnote a) of the Defence Production Act (see footnote b), makes the annexed Regulations Amending the Controlled Goods Regulations.
Regulations Amending the Controlled Goods Regulations
Amendments
1 (1) The definition visitor in section 1 of the Controlled Goods Regulations (see footnote 1) is replaced by the following:
visitor means an individual — other than an international student — who is not an officer, director or employee of a person registered under these Regulations and who is not
- (a) a Canadian citizen ordinarily resident in Canada; or
- (b) a permanent resident ordinarily resident in Canada. (visiteur)
(2) Section 1 of the Regulations is amended by adding the following in alphabetical order:
business day means a day other than a Saturday or a holiday. (jour ouvrable)
international student means an individual who is authorized by a study permit or by the Immigration and Refugee Protection Regulations to engage in studies in Canada and who is not an officer, director or employee of a person registered under these Regulations. (étudiant étranger)
2 The heading “Registration” before section 2 of the Regulations is replaced by the following:
Registration and Registered Persons
3 (1) Paragraphs 3(d) to (f) of the Regulations are replaced by the following:
- (d) the name and address of any owner of 20% or more of the outstanding voting shares or interests of the business and the percentage that each owns;
- (e) the name, date of birth, position, telephone number and, if applicable, facsimile number and email address of the individual who is proposed to be appointed as the designated official;
(2) Paragraph 3(i) of the Regulations is replaced by the following:
- (i) a statement signed and dated by an individual authorized for that purpose, stating that the information contained in the application is accurate and complete.
4 The Regulations are amended by adding the following after section 3:
3.1 The application shall be accompanied by the consent of the following individuals to a security assessment to be conducted by the Minister in accordance with section 15, including their consent to the disclosure of their personal information to — and its use by — Canadian government entities and credit reporting agencies for the purpose of that assessment:
- (a) each owner referred to in paragraph 3(d) that is an individual;
- (b) the proposed designated official referred to in paragraph 3(e), unless they were subjected to a security assessment in accordance with section 15 within the previous five years; and
- (c) the authorized individual referred to in paragraph 3(i).
5 Section 4 of the Regulations is replaced by the following:
4 In deciding whether to register an applicant, the Minister shall assess, based on the security assessments referred to in section 3.1 and any other information obtained in respect of the applicant, the extent to which the applicant poses a risk of transferring a controlled good to a person who is neither registered nor exempt from registration.
6 Section 9 of the Regulations is replaced by the following:
9 (1) Every applicant and registered person shall advise the Minister of any change in any of the information contained in or accompanying the application for registration within ten business days after the day on which they become aware of the change.
(2) A registered person shall, by the later of 32 business days before the date of an acquisition or one business day after the day on which they become aware of an acquisition, advise the Minister of the name and address of any person that will, as a result of the acquisition, own 20% or more of the outstanding voting shares or interests of the business.
7 (1) Paragraph 10(b) of the Regulations is replaced by the following:
- (b) that the person keep records of the most recent security assessment in respect of each of their officers, directors, employees, temporary workers, international students and visitors who examine, possess or transfer controlled goods and maintain those records — as well as supporting documentation — for a period of two years after the day on which the individual in question ceases to act in that capacity;
(2) Paragraph 10(c) of the French version of the Regulations is replaced by the following:
- c) elle conserve copie de la preuve visée au paragraphe 16(2) pendant la période de deux ans suivant la date à laquelle la personne physique exemptée cesse d’avoir accès à ses marchandises contrôlées;
(3) Paragraph 10(d) of the Regulations is replaced by the following:
- (d) that the person meets the requirements set out in section 11 and subsection 12(1);
(4) Subparagraph 10(e)(iii) of the French version of the Regulations is replaced by the following:
- (iii) énonce les responsabilités de son organisation de sûreté et indique le nom des personnes physiques qui sont responsables de la sûreté des marchandises contrôlées,
(5) Paragraph 10(h) of the Regulations is replaced by the following:
- (h) that the person advise the Minister of any actual or potential security breach in relation to controlled goods within three days after the day on which they discover the breach;
(6) Section 10 of the Regulations is amended by adding “and” at the end of paragraph (i) and by adding the following after that paragraph:
- (j) that the person submit to the Minister, every six months, the name of each individual in respect of whom the designated official conducted a security assessment during the previous six months, as well as the individual’s date of birth and an indication of the extent to which they were authorized to access controlled goods.
8 Sections 11 and 12 of the Regulations are replaced by the following:
11 An applicant for registration or a registered person may propose to appoint as a designated official only
- (a) themselves, if they are an individual; or
- (b) one of their officers, directors or employees who is either a Canadian citizen ordinarily resident in Canada or a permanent resident ordinarily resident in Canada and who has obtained — or will obtain before the appointment is made — any certification required by the Minister.
12 (1) A registered person shall ensure that a designated official is subjected to a security assessment in accordance with section 15 before their appointment and at least once every five years.
(2) An individual in respect of whom a security assessment is required under subsection (1) shall provide their consent to the security assessment, including their consent to the disclosure of their personal information to — and its use by — Canadian government entities and credit reporting agencies for the purpose of that assessment.
(3) The Minister shall, on the basis of the security assessment, accept or reject the individual as a designated official and shall notify the registered person of the acceptance or the reasons for rejection.
9 Section 13 of the Regulations is replaced by the following:
13 Every registered person shall ensure that the designated official
- (a) in respect of each officer, director and employee who is not a temporary worker of the registered person and who requires in the course of their duties access to controlled goods,
- (i) conducts, at least once every five years and with the consent of the individual concerned, including their consent to the disclosure of their personal information to — and its use by — Canadian government entities and credit reporting agencies for the purpose of the assessment, a security assessment in accordance with section 15,
- (ii) determines, on the basis of the security assessment, the extent to which the individual concerned poses a risk of transferring a controlled good to a person who is neither registered nor exempt from registration,
- (iii) if the designated official is of the opinion that the individual concerned poses a high risk, requests that the Minister conduct his or her own security assessment in respect of the individual concerned and provides to the Minister, for the purpose of carrying out that assessment, all information and evidence obtained by the designated official under subsections 15(2), (4) and (5),
- (iv) considers any recommendation provided by the Minister under subsection 15.1(2), and
- (v) decides the extent to which the registered person ought to authorize the individual concerned to examine, possess or transfer controlled goods;
- (b) verifies the information provided to them by temporary workers, international students and visitors for the purpose of applications for exemption submitted under section 18; and
- (c) obtains and maintains any certification required by the Minister.
10 Sections 14 and 15 of the Regulations are replaced by the following:
14 (1) The registered person shall be bound by the decision of the designated official under subparagraph 13(a)(v).
(2) An authorization by the registered person applies to an officer, director or employee only when that individual is acting in the course of their duties with the registered person.
Security Assessments
15 (1) The Minister shall conduct a security assessment in respect of all proposed designated officials and all individuals referred to in paragraphs 3(d) and (i), and the designated official shall conduct a security assessment in respect of all officers, directors and employees referred to in paragraph 13(a), having regard to the information provided under subsection (4).
(2) In conducting the security assessment, the Minister may also have regard to other information provided by any person and the designated official may have regard to other information provided by the Minister if the Minister or the designated official, as the case may be, has reasonable grounds to believe that the information is necessary to determine the extent of the risk referred to in subsection (3).
(3) The purpose of the security assessment is to determine the extent to which the individual being assessed poses a risk of transferring a controlled good to a person who is neither registered nor exempt from registration.
(4) The individual who is the subject of the security assessment shall provide the Minister or the designated official, as the case may be, with the following information and, on request, any additional information or evidence that the Minister or the designated official requires to verify it:
- (a) their name and any previous names;
- (b) their date and place of birth;
- (c) all citizenships and any permanent resident status;
- (d) personal references; and
- (e) a description, in respect of the five-year period immediately before the day on which the individual consents to the assessment, of their
- (i) criminal history,
- (ii) places of residence,
- (iii) education and employment history,
- (iv) financial history,
- (v) history of travel outside of Canada and the United States, including any denial of entry into another country,
- (vi) significant personal and professional associations and relationships that could affect the extent to which the individual poses a risk of transferring a controlled good to a person who is neither registered nor exempt from registration, and
- (vii) any security clearance held, denied, suspended or revoked.
(5) An individual who is or has been the subject of a security assessment shall advise the Minister or the designated official, as the case may be, of any change concerning their criminal history within five business days after the day on which the change occurs.
(6) The Minister or the designated official, as the case may be, shall reconduct a security assessment if new information is received or if there are other reasonable grounds for doing so.
15.1 (1) If a request is made to the Minister under subparagraph 13(a)(iii), the Minister shall conduct the security assessment of the individual concerned in accordance with section 15.
(2) The Minister shall advise the designated official of his or her recommendation respecting the extent to which the individual concerned poses a risk of transferring a controlled good to a person who is neither registered nor exempt from registration and the extent to which, in the Minister’s opinion, the individual ought to be authorized to examine, possess or transfer controlled goods.
11 Section 17 of the Regulations is replaced by the following:
17 A temporary worker, international student or visitor is eligible for exemption from registration only if a registered person submits to the Minister an application on their behalf in accordance with section 18.
12 Sections 18 and 19 of the Regulations are replaced by the following:
18 A registered person may apply to exempt a temporary worker, international student or visitor from registration by sending to the Minister, on a form supplied by the Minister, an application that contains
- (a) the name of the registered person;
- (b) the name, any previous names, date of birth and citizenships of the temporary worker, international student or visitor;
- (c) in the case of a visitor, their address and the name and address of their employer, if applicable;
- (d) a description, including the country of origin if other than Canada, of the controlled goods that the temporary worker, the international student or the visitor will examine, possess or transfer;
- (e) the expected duration of the temporary worker’s employment or of the international student’s placement with the registered person or the expected duration and purpose of the visit; and
- (f) a statement signed and dated by the designated official, stating that
- (i) the individual for whom the exemption is being sought meets the requirements of the definition of temporary worker, international student or visitor, as the case may be,
- (ii) in the case of a temporary worker or international student, the designated official has contacted their personal references, and
- (iii) the information contained in and accompanying the application is accurate and complete.
18.1 (1) An application for exemption from registration shall be accompanied by the consent of the temporary worker, international student or visitor to a security assessment to be conducted in accordance with section 19, including their consent to the disclosure of their personal information to — and its use by — Canadian government entities for the purpose of the assessment, as well as a copy of their valid passport.
(2) In the case of a temporary worker or international student, the application shall also be accompanied by their consent to the disclosure of their personal information to — and its use by — credit reporting agencies for the purpose of the security assessment, as well as
- (a) copies of all identity documents issued to them by the Government of Canada or any province;
- (b) evidence that they are authorized to work or study in Canada, as the case may be, and, in the case of an international student, a document from the academic institution at which they are authorized to study indicating that the work they are doing for the registered person is integral to those studies;
- (c) personal references;
- (d) a description, in respect of the five-year period immediately before the day on which they consent to the assessment, of their
- (i) criminal history,
- (ii) places of residence,
- (iii) education and employment history, and
- (iv) history of international travel outside of Canada and the United States, including any denial of entry into another country; and
- (e) the original results of a country-wide criminal record check conducted by the relevant authorities in every country other than Canada in which they resided during the period referred to in paragraph (d).
(3) The temporary worker and the international student shall, on request, provide the designated official with any additional information or evidence that the designated official requires to verify the information provided under subsection (2).
Security Assessments for Temporary Workers, International Students and Visitors
19 (1) The Minister shall conduct a security assessment in respect of all temporary workers, international students and visitors in respect of whom an application for exemption from registration has been made under section 18, having regard to the information provided under section 18.1 and any other information that the Minister has reasonable grounds to believe is necessary to make a decision under section 20.
(2) The purpose of the security assessment is to determine the extent to which the individual being assessed poses a risk of transferring a controlled good to a person who is neither registered nor exempt from registration.
(3) The registered person shall advise the Minister of any change in any of the information contained in or accompanying an application for exemption within five business days after the day on which the change occurs.
(4) The Minister shall reconduct a security assessment if new information is received or if there are other reasonable grounds for doing so.
13 Section 20 of the Regulations is replaced by the following:
20 The Minister shall, on the basis of the security assessment conducted under section 19, decide whether to approve or deny the application for exemption from registration.
14 Section 21 of the Regulations is replaced by the following:
21 (1) If the Minister approves an application for exemption, the Minister shall provide a certificate of exemption from registration to the registered person that sets out the period for which the exemption is valid and any conditions under which the temporary worker, the international student or the visitor concerned may examine, possess or transfer controlled goods.
(2) The registered person shall provide the temporary worker, the international student or the visitor with a copy of the certificate.
15 The heading before section 25 and sections 25 and 26 of the Regulations are repealed.
16 Section 27 of the Regulations is replaced by the following:
27 (1) If the Minister has reasonable grounds to believe that a registered person or an exempt individual poses an undue risk of transferring a controlled good to a person who is neither registered nor exempt from registration, the Minister shall suspend the registration or the exemption.
(2) The Minister shall revoke the registration or the exemption if he or she determines that the registered person or the exempt individual poses an undue risk of transferring a controlled good to a person who is neither registered nor exempt from registration and that
- (a) a material fact was, with the intent to mislead, deliberately omitted from or misstated in the application for registration or exemption or in connection with a security assessment referred to in section 3.1, 12 or 19; or
- (b) the registered person or the exempt individual is bankrupt.
(3) The Minister shall reinstate the registration or the exemption if, within 30 days after the date of the notice of suspension or revocation, the registered person makes representations to the Minister that satisfy him or her
- (a) that there are no longer grounds for the suspension; or
- (b) that the revocation was unfounded.
(4) If the registered person does not, in the case of a suspension, meet the requirements of subsection (3), the Minister shall revoke the registration or the exemption.
(5) The Minister shall provide to the registered person notice with reasons of any decision to suspend or to revoke a registration or exemption, or not to reinstate a revoked registration or exemption despite representations being made, as well as notice of any decision to reinstate a registration or exemption.
(6) The registered person shall, within one business day after the day on which they receive a notice from the Minister concerning the exemption of a temporary worker, international student or visitor, provide to that individual a copy of the notice.
Coming into Force
17 These Regulations come into force on the day on which they are registered.
REGULATORY IMPACT ANALYSIS STATEMENT
(This statement is not part of the Regulations.)
Background
Controlled goods are items specifically designed or modified for military use, including components or technologies (e.g. technical documentation and data, blueprints, etc.); they include, among other things, items such as anti-tank weapons, bombs, torpedoes, mines, missiles, military vehicles (tanks), vessels (submarines), combat aircraft, and chemical, biological and radioactive material used for military purposes. The Controlled Goods Program (the Program), created in April 2001, is a domestic industrial security program administered by the Department of Public Works and Government Services (PWGSC or the Department). The objective of the Program is to safeguard controlled goods within Canada, prevent controlled goods from being accessed by unauthorized persons, and strengthen Canada’s defence trade controls. The Program supports Canada’s national security framework by preventing the domestic proliferation of tactical and strategic goods (including technologies). It regulates the possession, examination, or transfer of controlled goods, including the defence articles contained in the United States Munitions List (USML) to the International Traffic in Arms Regulations (ITAR).
The Controlled Goods Regulations (the Regulations), made pursuant to the Defence Production Act, were registered on January 9, 2001, and came into force on April 30, 2001. The Regulations require individuals and companies that possess, examine or transfer controlled goods in Canada to register with the Program. The Program conducts security assessments of the applicant’s designated official (i.e. the company-appointed official who is responsible for performing the security assessment of employees), conducts inspections to ensure compliance with the Regulations, and grants exemptions to visitors, temporary workers and international students.
In 1954, the United States (the U.S.) instituted the ITAR to implement provisions of the U.S. Arms Export Control Act to control the export and import of defence-related articles and services specified on the USML. For practical purposes, the ITAR prohibits the sharing of information and materials on the USML with non-U.S. persons without authorization from the U.S. Department of State or without an exemption. From the inception of the ITAR, Canada was the only country to benefit from exemptions allowing for the licence-free transfer of certain defence articles between the countries. Canadian defence industries benefited from the Canadian exemptions, as these exemptions placed them on a quasi-equal footing with their U.S. counterparts and resulted in significant economic benefits from reduced export paperwork and approval timelines. In 1999, the U.S. unilaterally revoked the Canadian exemptions due to increased security concerns regarding the risk of diversion of defence articles for criminal or terrorist aims. Although the U.S. reinstated most of the pre-1999 ITAR exemptions with the implementation of the Program, they maintained the access restriction by certain individuals with dual nationality and nationals from developing countries. Under this restriction, an end-user was prohibited from access to an ITAR-controlled good if he or she maintained citizenship of a proscribed country listed under the ITAR (e.g. North Korea, Iran, Sudan, Venezuela, etc.).
The application of the “dual national rule” caused various human rights complaints to be brought against employers in Canada who were denying access to ITAR-controlled articles based on an individual’s nationality, as the Canadian Charter of Rights and Freedoms protects individuals from discrimination based on nationality. In 2007, the Minister of PWGSC (the Minister) was given the lead to address this issue and began discussions with U.S. counterparts to identify solutions. In August 2011, an “Exchange of Letters” between PWGSC and the U.S. Directorate of Defense Trade Controls was signed. As described below, the Exchange of Letters served, in part, to resolve the dual national issue.
The pre-9/11 security environment in which the Program was created has also evolved. There is now increased security awareness of the risks posed by the diversion of military and strategic technology to support criminal and terrorist threats. In 2009, a threat and risk assessment identified potential security gaps in the Program. Concurrently with the exchanges with the U.S. Directorate of Defense Trade Controls on resolving the dual national issue, PWGSC developed the Enhanced Security Strategy (ESS). The purpose of the ESS was to address the security gaps identified through the risk assessment while fulfilling the commitments made through the Exchange of Letters. In signing the Exchange of Letters, the Directorate of Defense Trade Controls acknowledged that the enhancements to the Program made as part of the ESS satisfied the ITAR requirements for the screening of significant and meaningful associations and travel [i.e. under section 126.18(c)(2) of the ITAR rule]. This in effect resolved the issue of individuals with dual nationality and nationals from developing countries.
Enhanced Security Strategy — Phase I
The implementation of the ESS was divided into two phases, the first of which was initiated in October 2011. Security and business enhancements brought to the Program through Phase I of the ESS were implemented under existing authorities and did not require immediate amendments to the Defence Production Act or to the Regulations. ESS — Phase I improvements included the following:
- Increased efficacy of the Program registration process. This was achieved by
- increasing the assessment of ownership, including foreign ownership, by requiring owners with 20% or more of voting shares to submit a completed Security Assessment Application Form as part of the registration application process; and
- requiring authorized individuals (i.e. the individual authorized by the applicant who signs to confirm that the application for registration of a person is accurate and complete) to submit a completed Security Assessment Application Form as part of the registration application process.
- Tightened security assessment procedures for both government and industry. This was achieved by
- standardizing the security assessment procedures, such as developing a new Security Assessment Application Form and mandating that it be used by designated officials as part of the security assessment of employees;
- applying a standardized risk matrix assessment tool across the board for all Program registrants;
- creating a certification program for industry officials who are responsible for security assessments within their organization (i.e. designated officials);
- requiring that designated officials submit fingerprint results as part of the application process;
- increasing support provided to designated officials in the security assessments of moderate- and high-risk employees;
- ensuring that students who access controlled goods undergo security assessments;
- increasing the checks on temporary worker exemption applications by referring tombstone information (e.g. name, address, telephone number, etc.) to security and intelligence partners; and
- acquiring an analytical tool to evaluate additional security assessment-related information, to analyze information received from security and intelligence partners, and to exchange information with these partners.
- Augmented compliance-related activities. This was achieved by
- increasing Program capacity and outreach efforts to promote compliance, including telephone pre-inspection coaching and conducting a complete internal review of the compliance inspections processes; and
- adding the requirement for the security plans of registrants to include transportation and cyber security considerations.
- Implemented structural and operational elements in support of the strategy. These included
- creating three new divisions: Program Management and Learning Division (responsible for the certification program and external communications), Strategic Initiatives Division (responsible for liaising with the U.S. on export control and ITAR issues, drafting policy guidance, and amending the Regulations), and Intelligence and Analysis Unit (which liaises with security and intelligence partners and analyzes high-risk files); and
- increasing capacity in the Operations Division to process additional security assessments (i.e. assessments of the authorized individuals and owners).
In addition to the steps taken under the ESS — Phase I, it was determined that three additional elements of the ESS required regulatory amendments for the Program to be implemented as intended. These amendments were deferred to ESS — Phase II. More specifically, ESS — Phase II amendments
- enable the Minister to make a recommendation to the designated official for high-risk employees submitted for further verifications and require that the designated official consider this recommendation;
- enable the security assessment of a visitor and obtain the consent of the individual subject to that assessment; and
- require registrants to submit a list, to the Minister, of individuals who have undergone a security assessment for access to controlled goods.
Issues
Although the Defence Production Act and the Regulations provided the initial statutory and legal authority for ESS — Phase I, PWGSC determined that it would be beneficial to further clarify certain elements in regulations. More specifically, the Regulations did not specify that the authorized individual (i.e. the individual who is responsible for signing and submitting the application for registration and renewal) and the owner(s) must undergo a security assessment, nor did they specify who is responsible for conducting that assessment. Furthermore, the information requested as part of a security assessment was not fully described under section 15 of the Regulations. Although subsection 15(6) provided that the Minister may take into consideration other information provided by a person, it did not state what this information could be. This lack of clarity under the Regulations was problematic for industry in some instances, particularly in regard to industry’s ability to demonstrate compliance with Program requirements.
Further, the operational requirement that the designated official undergo certification was not included in the Regulations. Moreover, the Regulations did not include the requirement for the designated official to refer high-risk employees to the Program for further assessment. These fundamental elements of the ESS merited inclusion and clarification in the Regulations.
As described below, three ESS — Phase II activities required regulatory authority in order to be implemented. Two of these activities represented a minor change to existing practices, while the third built on existing record-keeping requirements.
(1) Enable the Minister to provide a recommendation to the designated official for high-risk employees
Although designated officials submit high-risk employee security assessments to the Program for further checks with security and intelligence partners, the Minister did not have the authority to make a recommendation to the designated official based on the findings of the additional security checks, nor did the Minister have the authority to require the designated official to consider the recommendation when deciding whether or not to grant the high-risk employee access to controlled goods. The Program communicated that the security assessment conducted by the designated official was either supported (i.e. confirmed) or not supported (i.e. could not be substantiated). Program stakeholders communicated that responses by the Program were not clear and that a recommendation would be more appropriate in supporting the designated official’s final determination.
(2) Obtain the consent of the individual in the visitor exemption process
Under the Regulations, an application to exempt a visitor from registering in the Program is submitted by the registered person on behalf of the visitor, but the Regulations did not specify that a security assessment is to be conducted, nor did they specify that the consent of the visitor is required for a security assessment. Consent is required for the Program to be able to consult security and intelligence partners regarding the security assessment, and the requirement for consent had to be specified in regulations.
(3) Require registrants to submit a list of all individuals who have undergone a security assessment
Another commitment made as part of the ESS was to collect information with regard to individuals who have access to controlled goods. The intent is to create a repository of information to facilitate exchanges with security and intelligence partners and, if necessary, to assist the Royal Canadian Mounted Police during the investigation of security breaches relating to controlled goods. Under the Regulations [paragraph 10(b)], registrants must maintain records of security-assessed individuals authorized to access controlled goods. Paragraph 10(i) further stipulates that these records must be made available to the Minister at any reasonable time. However, the Program could not request registrants to submit this information in a list format on a (routine) biannual basis.
In addition to these three ESS — Phase II elements, regulatory amendments also address recommendations made by the Standing Joint Committee for the Scrutiny of Regulations, which had expressed concerns regarding the powers of the Minister under section 27, and the use of the phrase “without delay.” The Department had agreed to address these issues by clarifying the circumstances under which the Minister could suspend, revoke, or re-instate a registration or exemption, and by prescribing time frames.
Objectives
The Regulations Amending the Controlled Goods Regulations were made pursuant to the Defence Production Act. This initiative consolidates existing requirements in the Regulations to add clarity and addresses remaining security gaps that have been identified.
The amendments address the issues identified above, complete the implementation of the ESS and respond to the concerns raised by the Standing Joint Committee for the Scrutiny of Regulations. Specifically, the amendments achieve the following objectives:
- Reflect and clarify in the Regulations the Program practices implemented in Phase I of the ESS.
- Address the three ESS — Phase II activities that required regulatory authority in order to be implemented.
- Address the concerns raised by the Standing Joint Committee for the Scrutiny of Regulations.
The amendments to the Regulations strike a balance between supporting Canada’s national security objectives, fulfilling the commitments made to the U.S. Department of State by PWGSC in the 2011 Exchange of Letters, maintaining the competitiveness of Canadian industry, and addressing framework gaps.
Description
A brief summary of the key elements contained in the amendments to the Regulations follows:
(1) Reflect and clarify in the Regulations Program practices implemented in Phase I of the ESS
In order to prevent the unauthorized diversion of controlled goods domestically and to effectively support the national security framework, persons who require access to controlled goods must be (i) registered with the Program, (ii) exempt from registration, or (iii) excluded. The information required in applying for registration or renewal is stipulated in section 3 of the Regulations. This section was amended and a new section (3.1) was added to reflect the following additional information required from businesses or individuals filing an application for registration or renewal:
- (1) The consent to a security assessment of persons who own 20% or more of the outstanding voting shares or interests, and an indication of the percentage that each person owns.
- (2) The designated official.
- (3) The consent to a security assessment of the authorized individual.
The above-mentioned security assessments are conducted by the Minister. These practices were implemented in October 2011.
Since individual applicants are security-assessed by the Minister, the Regulations now clarify that there is no requirement for an individual applicant to appoint a designated official, or for the individual applicant to undergo certification.
Security assessments evaluate the risk that an individual may pose in terms of the unauthorized transfer of controlled goods. The Regulations now further clarify processes that were implemented in October 2011 as part of Phase I of the ESS. More specifically, there are two “types” of security assessments described in the Regulations under sections 15 and 19; both sections have been expanded to include additional security-related risk factors. Section 15 concerns the assessments conducted by both the Minister and the designated official (i.e. the assessments of the authorized individual, owners with 20% or more of the voting shares, and the designated officials are conducted by the Minister, while the assessments of officers, directors, and employees are conducted by the designated official). Section 19 applies to assessments conducted by the Minister only in the context of applications for exemptions from registration.
A. Security assessments conducted as per section 15 of the Regulations now include the assessment of
- (a) History of travel outside of Canada and the U.S.; and
- (b) Significant personal and professional associations and relationships.
The amendments clarify that individuals who are the subject of the above-mentioned security assessment are required to provide to the designated official or the Minister, as the case may be, for the purposes of establishing their identity, a copy of the following:
- (a) Evidence of the information requested in subsection 15(4). For example, the information provided with regard to the items listed below should be capable of being verified by the Minister or the designated official:
- (i) the individual’s full name and any previous names;
- (ii) his or her date and place of birth;
- (iii) all citizenships and, if applicable, permanent resident status of the individual; and
- (iv) any security clearance held, denied, suspended or revoked.
The Regulations now include the conditions when security assessments could be referred to security and intelligence partners for further verifications. The Regulations specify that high-risk security assessments of individuals conducted by the designated official are to be referred to the Minister for additional security checks with security and intelligence partners. Assessing risk is performed on a case-by-case basis, following an assessment of the following parameters: personal information, criminal history, travel history, financial risk, significant and meaningful associations, and specific charges or convictions.
Security assessments conducted under section 15 are valid for a period of up to five years. Given this, the Regulations now specify that the record retention requirement is to keep and maintain only the most recent security assessment. This measure is intended to relieve some of the burden on registrants vis-à-vis the regulatory requirement to maintain records of security assessments during the period of an individual’s employment.
B. Assessment conducted under section 18 of the Regulations — Temporary workers, international students, and visitors
A registered person can apply to the Minister to exempt a temporary worker or a visitor. Regulations now include a distinct provision for international students. An international student is now defined as a person who is authorized by a study permit or by the Immigration and Refugee Protection Regulations to engage in studies in Canada and is not a director, officer or employee of a registered person. Further to the information requested in section 18, the Regulations now stipulate the requirement for consent to the security assessment by the international student and visitor, and, in the case of an international student, the following documents are to be requested by the designated official: a copy of the student’s valid study permit, a letter from the academic institution at which they are authorized to study indicating that the work they are doing for the registered person is integral to those studies (if applicable), copies of all identity documents issued to them by the Government of Canada or any of its provinces, and the original results of a country-wide criminal record check from each country other than Canada that they have resided in during the five-year period immediately before the date of their consent to the security assessment. The last two of these elements apply to temporary workers as well.
A record-keeping requirement for visitor exemptions is also included in the Regulations to align them with operational procedures. These records have to be maintained by the registered person until two years after the day on which the visitor ceases to carry out their duties.
Designated officials are responsible for the security assessment of officers, directors and employees within the registered entities and are the primary point of contact between Government and industry. In light of the importance of the designated official’s role in this partnership, the Regulations now include the requirement for them to obtain and maintain any certification required by the Minister.
(2) Address the three ESS — Phase II activities that required regulatory authority in order to be implemented
The Regulations now require registered persons to submit to the Minister the following information for all individuals who have been security-assessed by a designated official over the last six months: full name, date of birth, and whether the individual was authorized to access controlled goods. Although registered persons had to make this information available to the Minister during compliance inspections or upon request, this systematic reporting requirement facilitates the Department’s responsiveness during investigations or when addressing reported security breaches. This requirement also supports the registrant by ensuring that any new or previously unknown risks concerning an unauthorized diversion of controlled goods are mitigated through increased information sharing between the Government and industry.
Similarly, the amendment was necessary to require that consent be obtained from any visitor to have their name referred to security and intelligence partners as part of the exemption process, which allows for a more thorough assessment of an individual in a position to access a registrant’s controlled goods.
The amendments to the Regulations now enable the Minister to make a recommendation to the designated official in instances where a security assessment of a high-risk individual is referred by the designated official for further verifications. The designated official is now required to consider this recommendation in his or her assessment. The final decision of whether or not to grant access to an employee, director, or officer remains with the designated official. This amendment is intended to better support the designated official in his or her functions by providing access to additional information (through the Minister), which facilitates and substantiates a thorough decision.
(3) Concerns of the Standing Joint Committee for the Scrutiny of Regulations
Clarifying the decisional criteria for the revocation and suspension of registrations and exemptions
The Regulations detail the provisions for suspensions and revocations of registrations and exemptions from registrations, as well as define the circumstances under which the Minister would consider a suspension or revocation. The Regulations were amended to clarify the criteria for suspensions and revocations (section 27) as follows:
- (a) Suspension: the Minister has reasonable grounds to believe there is an undue risk of unauthorized transfer of controlled goods.
- (b) Revocation [subsection 27(4)]: the Minister is not satisfied with the actions taken following a suspension; the Minister determines that there is an undue risk and the actions or omissions were deliberate; or the company is bankrupt.
Clarifying the decisional criteria for the reinstatement of a suspended registration or exemption
The Regulations were amended to better articulate how the decision is made to reinstate a suspended or revoked registration or exemption. In addition, the discretionary power of the Minister was removed as it pertains to reinstatement of a suspension or revocation in circumstances where there are no longer grounds for the suspension or the revocation was unfounded [i.e. the replacement of “may” with “shall” in subsection 27(3)]. The amendments reflect current practice with respect to suspensions and revocations.
Specifying a time period to replace the phrase “without delay”
Section 40 of the Defence Production Act requires information to be provided to the Minister “in the manner and time prescribed by regulation.” Amendments have prescribed a time frame for all relevant sections of the Regulations:
- Section 9: Registrants are required to inform the Minister of any changes in any of the information contained in the application for registration within 10 business days. This section also includes the requirement to inform the Minister of the name and address of any person that will, as a result of an acquisition, own 20% or more of the outstanding voting shares or interests of the business by the later of 32 business days before the date of an acquisition or one business day after the day on which they become aware of an acquisition.
- Paragraph 10(h): Registrants are required to inform the Minister within three days upon discovery of a potential security breach.
- Subsection 15(5): A person subject to a security assessment is required to inform the Minister or the designated official, as the case may be, of any changes concerning criminal history within five business days.
- Subsection 19(3): Registrants are required to inform the Minister within five business days of any changes in an application for exemption.
While other sections containing “without delay” were not identified by the Standing Joint Committee for the Scrutiny of Regulations, amendments to the following subsection have been made, and specific time frames provided, for clarification and consistency:
- Subsection 27(6): Registrants are required to provide a temporary worker, international student or visitor whose registration or exemption is subject to revocation or suspension with a copy of the notice from subsection 27(1), (2), (3) or (4) within one business day from the time that it is received from the Minister.
Regulatory and non-regulatory options considered
The options outlined below provide an overview of the alternatives that were considered.
Option 1: Leave the Regulations in place (i.e. maintain the status quo)
The status quo was not considered to be a viable option. The previous regulatory requirements did not fully address certain activities required to address potential security gaps. Furthermore, the Standing Joint Committee for the Scrutiny of Regulations recommendations could only be addressed through regulatory amendments.
Option 2: Address the identified issues in policy
Phase I of the ESS was implemented through policy and operational changes. However, following an assessment of the various elements and possible gaps that were identified, it was determined that a clear regulatory framework for registrants that incorporates all regulatory obligations was necessary in order to administer the Program as intended. Additionally, elements from ESS — Phase II and the recommendations of the Standing Joint Committee for the Scrutiny of Regulations could not be addressed in policy. This option would not have permitted the completion of the strategy.
Option 3: Amend the Regulations to include enhanced requirements (chosen option)
Amending the Regulations has allowed the Department to meet the objectives stated above while enabling the Program to deliver on its mandate to safeguard controlled goods against unauthorized transfer.
Benefits and costs
Stakeholders of the Program include firms or associations involved in the aerospace, defence, satellite and security sectors; sole proprietors; consultants; academic institutions; and museums. While the list of Program stakeholders is extensive, the Canadian aerospace, defence and security industries constitute the “principal” stakeholder group. The companies from these industries represent the largest percentage of registrants and are considered to be the Program’s main clients. There are also a number of government departments who either use controlled goods (for example the Department of National Defence) or are impacted by national security considerations.
PWGSC is aware of the need to weigh the consequences of any change on industry while ensuring national security concerns are fully met. Below is a short analysis of the estimated costs and qualitative impacts (positive and negative) by stakeholder group. It should be noted that no new costs are anticipated for the Canadian public or government as a result of the regulatory amendments. Any costs associated with new activities are strictly limited to the registrant’s time in obtaining a signature (in the case of visitor exemptions), considering the Minister’s response (in the case of referrals of high-risk individuals), and emailing the list of records (in the case of submitting a list of security-assessed people). The Program does not require additional capacity or tools to sustain these activities.
Overview of estimated costs
Administrative costs |
|||||
---|---|---|---|---|---|
Cost-benefit statement |
Base Year (2014) |
Final Year (2023) |
Total (Present Value) [10 Years] |
Average Annual (Present Value) |
|
A. Quantified impacts ($) |
|||||
Benefits |
Large / medium businesses |
$0 |
$0 |
|
|
Small businesses |
$0 |
$0 |
|
|
|
Sole proprietors |
$0 |
$0 |
|
|
|
Total |
$0 |
$0 |
$0 |
$0 |
|
Costs |
Large / medium businesses |
$58,448 |
$19,260 |
$289,147 |
$41,168 |
Small businesses |
$158,298 |
$34,403 |
$570,810 |
$81,270 |
|
Sole proprietors |
$0 |
$0 |
$0 |
$0 |
|
Total |
$216,746 |
$53,664 |
$859,957 |
$122,439 |
|
Net administrative costs |
$859,957 |
$122,439 |
|||
B. Qualitative impacts |
|||||
Short list of qualitative impacts by stakeholder |
|||||
Canadians and the Canadian economy |
|
||||
Canadian government |
|
||||
Canada–U.S. relations |
|
||||
Industry and other stakeholders |
|
Canadians and the Canadian economy
Amendments are intended to ensure that Canada, particularly the Canadian defence, aerospace, satellite and security industries, continues to benefit from its privileged defence trade relationship with the U.S. and access to this important market. This is primarily accomplished in this context by supporting the maintenance of Canada’s U.S. ITAR exemptions.
The Regulations increase the efficiency of the Program in protecting against “intangible technology transfer” and industrial espionage. No new costs for Canadians are foreseen, except those identified for industry.
Canadian government
The amendments add clarity and transparency with respect to the ESS — Phase I, but have not resulted in a change of direction operationally either for the Program or for Program registrants.
The changes related to the amendments that were required to implement the ESS —Phase II activities have been made using existing resources. These amendments have been incorporated into processes already in place (i.e. the existing processes surrounding the security assessment referrals of high-risk individuals, visitor exemptions, and the record keeping of security-assessed individuals). Consequently, no new costs are foreseen for the Canadian government.
Canada–U.S. relations
Amendments codify in regulation the existing practice of assessing the following key risk indicators:
- Travel frequency, duration, and location; and
- Significant and meaningful associations (foreign and domestic).
These practices were implemented in the ESS — Phase I to strengthen the security around controlled goods. Specifically, stipulating these enhancements in regulation helps maintain the high confidence that the U.S. has in Canada’s controlled goods regulatory regime and continues to support the ITAR exemptions [section 126.18(c)(2)]. No costs are foreseen.
Industry and other stakeholders (registrants)
One of the main objectives of these regulatory changes is to bring clarity to the framework to provide registered persons with a better understanding of the Program’s requirements and their regulatory obligations. Consequently, only elements which would result in new incremental practices and/or requirements were evaluated.
The calculations included herein focus on the following three activities:
- Consideration of a recommendation provided by the Minister to a designated official for referrals of high-risk employees;
- Obtaining the consent of the individual in the visitor exemption process; and
- Submitting twice annually the list of security-assessed individuals to the Minister.
As detailed below, it is anticipated that the first two regulatory amendments only affect a small portion of current registrants, with an average of 15% (76 of 498) of the medium and large registrants and 15% (311 of 2 055) of small registrants. The anticipated costs of the third element were applied to large, medium and small registrants. Given that 52% of the Program participants are small businesses (versus only 12% for medium/large businesses), this is the most affected class of registrants. However, the cost to each small business is anticipated to be less than the anticipated cost to each medium/large business. The overall cost for small business is greater since there are more small registrants in the Program compared to the number of medium/large businesses. The total cost of the new administrative burden to industry is estimated to be a present value (PV) of $122,439 annually ($859,957 PV over 10 years).
There are no new compliance costs as a result of these Regulations.
None of the above amendments are expected to affect, in any significant way, individual registrants or sole proprietors. In the three years preceding the regulatory amendment, there have been no instances of individual registrants or sole proprietors submitting a visitor exemption request or a security assessment referral for a high-risk employee. This trend is not expected to change. Furthermore, this group is not expected to have, or to submit, a list of employees.
“One-for-One” Rule
The amendments to the Regulations are considered to be an “IN” under the “One-for-One” Rule. These amendments are expected to marginally increase the administrative costs for some Program registrants, particularly those who process a high number of high-risk security assessments. These registrants fall mostly in the medium to large business category, which is less than 12% of the total number of program registrants.
The net present value (NPV) is $859,957 over a 10-year period using a discount rate of 7% and the annualized present value is $122,439.
Cost-benefit statement |
Base Year (2014) |
Final Year (2023) |
Total (Present Value) [10 Years] |
Average Annual (Present Value) |
|
---|---|---|---|---|---|
A. Quantified impacts $ |
|||||
Familiarization with new obligations related to the amendments. |
Large / medium businesses |
$23,039 |
$0 |
$23,039 |
$3,280 |
Small businesses |
$95,069 |
$0 |
$95,069 |
$13,536 |
|
Sole proprietors |
$0 |
$0 |
$0 |
$0 |
|
Total |
$118,108 |
$0 |
$118,108 |
$16,816 |
|
Consider the recommendation of the Minister with regard to the risk level of employees submitted to the Program for further verifications. |
Large / medium businesses |
$6,807 |
$3,703 |
$51,158 |
$7,284 |
Small businesses |
$475 |
$259 |
$4,998 |
$712 |
|
Sole proprietors |
$0 |
$0 |
$0 |
$0 |
|
Total |
$7,282 |
$3,962 |
$56,156 |
$7,995 |
|
Obtain consent form from visitor for exemption requests. |
Large / medium businesses |
$17,734 |
$9,646 |
$133,272 |
$18,975 |
Small businesses |
$612 |
$344 |
$3,735 |
$532 |
|
Sole proprietors |
$0 |
$0 |
$0 |
$0 |
|
Total |
$18,346 |
$9,989 |
$137,007 |
$19,507 |
|
Submit list of security-assessed individuals to the Program every six months. |
Large / medium businesses |
$10,868 |
$5,912 |
$81,678 |
$11,629 |
Small businesses |
$62,141 |
$33,801 |
$467,008 |
$66,491 |
|
Sole proprietors |
$0 |
$0 |
$0 |
$0 |
|
Total |
$73,010 |
$39,713 |
$548,686 |
$78,121 |
|
Net administrative costs — discounted to 2014 |
$859,957 |
$122,439 |
|||
Net administrative costs — discounted to 2012 |
$751,120 |
$106,943 |
|||
Note: The value counted under the "One-for-One" Rule is $106,943. |
Cost per small business
The anticipated increase in administrative costs per small business is $278 (NPV) over a 10-year period. This new cost is only expected to apply to approximately 15% of small businesses registered in the Program. Not all small businesses are affected by the amendments to the Regulations under Phase II of the ESS. Statistical analysis from fiscal year 2012–2013 showed that
- 0.1% of small businesses (2) submitted a request for further verification in regard to high-risk employees;
- 1.2% of small businesses (24) requested visitor exemptions through the Program; and
- 34.9% of small businesses (716) would have been required to submit a list of security-assessed individuals every six months to the Program.
These figures exclude individual registrants and sole proprietors.
When the percentage of small businesses affected in the calculations is factored in, the annual average NPV administrative cost increase is estimated to be $40 per affected small business.
Small business lens
The costs associated with the regulatory amendments are less than $1 million annually; consequently, the small business lens does not apply.
Any potential increases in administrative costs that may arise from the three amendments relating to Phase II of the ESS are estimated to be low overall (see table above). Small businesses do not submit a large number of referrals of high-risk employees or visitor exemptions (two of the three activities). These Program activities are primarily undertaken by medium and large businesses. Anticipated costs were validated with stakeholders via a survey administered electronically in February and March 2014 and again with members of the Program’s Industry Engagement Committee in October 2014.
Consultation
Since 2010, the Program’s largest stakeholders were given the opportunity to provide input on proposed regulatory amendments through a series of consultation and communications activities.
General public
Status updates with regard to the rollout of the ESS were made through the regular posting of information bulletins on the Program’s Web site. The Program continued its involvement in various outreach activities, including trade shows and conferences. Regulatory amendments have been communicated, specifically how they pertain to aligning the Regulations with ESS changes implemented by the Program in October 2011.
Industry stakeholders (registrants)
The regulatory amendments contribute to the improved global competitiveness of the Canadian aerospace, defence and satellite sectors. As a result of the increase in clarity, registrants should have a better understanding of policy and regulatory requirements. Registrants have been supportive of efforts to standardize the application of the registration and security assessment process across the industry, and are expected to benefit from the increase in guidance from the Minister in terms of training and high-risk employee situations.
Industry and stakeholder departments and agencies were consulted in the development of the ESS — Phase I through the Program Industry Advisory Board. Concerns were raised by stakeholders in the months following the implementation of the ESS — Phase I. These included the level of information required for security assessments, the increase in demands placed on designated officials (including the cost of certification), and the sharing of personal information with foreign governments. In the months following the October 2011 launch of the ESS, PWGSC met with stakeholders to address their concerns.
In January 2012, the Industry Engagement Committee was established (replacing the Program Industry Advisory Board) in order to engage industry on an ongoing basis regarding the impacts on industry of any Program changes, including legislative and regulatory changes, while ensuring national security concerns are fully addressed. The Industry Engagement Committee is comprised of five aerospace and defence companies, four industry associations, one educational association, and one consulting firm. Together, these industry members represent a broad cross-section of the aerospace and defence industries. Since its inception, the Industry Engagement Committee has met monthly and has provided advice to PWGSC regarding the Program. These efforts have served to inform the development of the regulatory amendments and increase the level of stakeholder support and comprehension.
Workshops were offered by PWGSC to designated officials between September 2011 and April 2012 to provide training on new Program requirements for security assessments. Expanded educational and certification measures, combined with standardized assessment procedures, helped to ensure that Canadian companies remain aware of their obligations under the new rules and increased compliance with Program requirements, all of which serve to facilitate the safeguarding of controlled goods.
Lastly, amendments that were proposed were presented to the Industry Engagement Committee for feedback in November 2014. Industry Engagement Committee member feedback was positive and integrated into the proposal, where appropriate. This included the recommendation to add a provision or new section regarding change in ownership that would require 32 days’ advance notice. The members also recommended that assumptions used to develop the estimated costs be explicitly stated to help mitigate any confusion on the part of stakeholders regarding the anticipated level of effort associated with the new requirements. A document detailing the assumptions was prepared and is available upon request.
Other federal departments
Government departments that could have been affected by the changes were consulted. There were no outstanding concerns.
U.S. government
It is expected that the U.S. government will continue to be supportive of the amendments to the Regulations. The most recent bilateral meeting served, among other things, to update the U.S. government on the continued implementation of the ESS Strategy in the Program. No concerns were raised by the U.S. government regarding the regulatory amendments.
Canada Gazette consultation process
PWGSC received feedback from stakeholders and the public on the proposed amendments to the Regulations in the context of the Canada Gazette, Part I, consultation process, which took place between May 2 and June 1, 2015. The Canada Gazette, Part I, serves as a vehicle for general public feedback on proposed regulations. Canadians can actively contribute to the regulatory process by sending their comments or concerns on the subject under consultation to the appropriate department or agency. The objective of the public consultations was to seek input, from Program registrants and non-registrants alike, on the proposed amendments to the Regulations. Participants were able to provide their feedback by email or telephone.
The Program directly emailed a notice of PWGSC’s intent to amend the Regulations to more than 4 000 organizations from the Program database. The email contained a link to the posting of the Regulatory Impact Analysis Statement in the Canada Gazette in addition to links to the Program Web site to provide additional information on the proposal (e.g. Consultation Web page and Frequently Asked Questions on Amendments to the Controlled Goods Regulations). Program registrants were also advised of the Canada Gazette posting and its associated consultation period through “Ask the Expert” sessions that were held by the Program in May 2015.
In total, PWGSC received seven submissions from various stakeholders during this process, including one from an industry association. Of the seven submissions received, two were beyond the scope of the consultations as they were unrelated to the regulatory proposal.
The following summarizes the feedback received and PWGSC’s response.
(1) Notification time frames
One respondent expressed concerns with the different notification periods that were proposed throughout the regulations and suggested greater consistency to avoid confusion.
Response: Specific notification time frames were established to provide more clarity for stakeholders and to ensure that the Minister has enough time to assess and respond to the risks that could result from the various conditions that are addressed by the regulations, such as the discovery of a potential security breach, a change in registration status or a change in company ownership.
(Section 9.1) One respondent expressed concerns with the 5-day period for advising the Minister of any change to the information contained in the registration application and suggested extending the notification period to 30 calendar days.
Response: A 30-day notification period is too long to ensure that the Minister remains adequately informed and able to evaluate any risk related to changes to application information. (Note: Notification period has been adjusted to 10 business days instead of 5.)
(Section 9.2) One respondent indicated that there should not be any mandated time frame to advise the Minister of any potential sale or acquisition prior to the transaction occurring, as it could adversely affect negotiations and the ability of a company to raise capital. The respondent suggested the Minister should only be made aware of changes in ownership as they occur.
Response: Section 9.2 refers to acquisitions, not “potential acquisitions” that are being negotiated. In order to prevent unauthorized access to controlled goods, persons who acquire 20% or more of the outstanding voting shares of a business must undergo a security assessment. The rationale for the 32-day notification period is to ensure that the Minister is provided sufficient time to assess if a change in ownership poses any risk of unauthorized access to controlled goods. Section 9.2 reflects the input received from the Industry Engagement Committee that recommended adding a provision for advance notice of change in ownership.
One respondent recommended that paragraph 10(h) allow for a “two-level structure” for notifying the Minister about any actual or potential security breach: (1) the designated official would be required to advise the Minister of a potential breach within 15 calendar days, and (2) the registrant would report the findings of its investigation within 60 calendar days. This would ensure registrants have sufficient time to investigate a breach and to determine whether it actually occurred.
Response: PWGSC recognizes that a sufficient amount of time is needed to conduct a full investigation within a given organization after a potential breach has been discovered. The regulations do not impose a set time period for completing an investigation. The Minister is to be advised within three days of any potential security breach and/or within three days of confirming that an actual security breach has occurred, a conclusion that is usually reached after a potential breach has been fully investigated.
(2) Administrative burden
One respondent commented that cost impacts of the regulatory amendments should include the cost of requirements implemented by the Controlled Goods Program in 2011, as a result of a policy decision. The respondent suggested that 2011 should have been used as the base year instead of 2014.
Response: The majority of security and business enhancements brought to the Controlled Goods Program since 2011 were implemented under existing regulatory authority and were already in place when regulatory amendments were proposed. The cost-benefit analysis only accounts for the new activities that result from the regulatory amendments:
- Enabling the Minister to provide a recommendation to the designated official for high-risk employees;
- Enabling the security assessment of a visitor and obtaining the consent of the individual subject to that assessment; and
- Requiring registrants to submit a list to the Minister of all individuals who have undergone a security assessment.
The number of registrants impacted by each one of the new activities was extrapolated based on a statistical analysis of the Controlled Goods Program’s activity in fiscal year 2012–2013. This analysis demonstrated that the first two new activities would only impact a small proportion of program registrants. The increase in administrative costs that may arise from these three activities is expected to be low overall, particularly for small businesses. Sole proprietors/individuals were excluded from the calculations since they are not impacted by these new activities.
(3) Potential trade implications
Two respondents were concerned that changes to the exemption application process for temporary workers, visitors and international students (section 18) could have a detrimental impact on businesses’ ability to market Canadian products internationally because of the added administrative burden imposed on businesses and foreign nationals wishing to examine, possess or transfer controlled goods. One respondent also indicated that additional analysis should have been performed to determine the impact of regulatory amendments on Canadian trade.
Response: Requirements reflect the commitments made by Canada in the 2011 Exchange of Letters with the U.S. to augment security assessment procedures for certain categories of individuals by assessing key risk indicators including travel history, significant and meaningful associations and criminal history. PWGSC has carefully considered the impacts of regulatory amendments on industry. The regulations continue to support Canada’s trade interests by helping to maintain the Canadian Exemptions provided under the U.S. International Traffic in Arms Regulations (ITAR) for the license-free transfer of many ITAR-controlled defence articles between the U.S. and Canada and among registrants of the Controlled Goods Program.
(4) Privacy concerns
Two respondents expressed concerns with the requirement to consent to the disclosure of personal information to — and its use by — Canadian government entities and credit reporting agencies for the purpose of conducting security assessments (sections 3.1 and 12.2).
Response: PWGSC is bound by the Privacy Act, which imposes obligations to respect privacy rights by limiting the collection, use and disclosure of personal information. The information to be collected and shared with other federal government agencies is limited to what is required for conducting the security assessment. The personal information (e.g. name, date of birth or address) shared by the Government with credit rating agencies only serves to identify the person that is subject to a credit check. This involves the same process as in any regular credit analysis.
(5) Security assessment procedures
One respondent enquired about how the regulatory amendments affect company shareholders and owners who are neither Canadian citizens nor residents in Canada.
Response: All owners, including foreign owners, with 20% or more of voting shares are to submit a completed Security Assessment Application Form as part of the registration application process. This requirement applies in the renewal process as well for both foreign nationals and Canadian citizens, regardless of country of residence.
One respondent suggested clarifying the notion of residency under paragraph 18.2(e), which requires that an application for exemption of a temporary worker or international student be accompanied by original results of a country-wide criminal record check for all countries — other than Canada — in which applicants have resided.
Response: The criminal record check applies only to countries where the person has resided. This requirement is not applicable for temporary visits to other counties for business or leisure travel. The length of stay in a country may be a factor in determining residency status but is not decisive. Under Canadian law, the determination of residency status in Canada is done on a case-by-case basis and considers several criteria such as the existence of social ties (spouse or partner, dependent children, etc.) and/or economic ties (workplace and payment of taxes). The assessment of these factors is combined to identify an individual’s elected domicile or, in other words, where their daily life takes place. Since the notion of residence is a pre-established concept in Canadian law and depends on an assessment of factors, no further clarification is required in the Regulations.
After taking into consideration all the feedback received, PWGSC made only one adjustment to the regulatory amendment proposal: the time frame for advising the Minister about changes to registration information was extended from 5 to 10 business days. This change balances the needs of registrants for greater flexibility while ensuring that the Minister remains adequately informed and able to evaluate any risk related to the new information.
Implementation, enforcement and service standards
Implementation
The Regulations came into force on the day they were registered.
Enforcement
These Regulations do not alter existing compliance provisions under the Defence Production Act. Compliance and enforcement measures for all registered persons continue to include compliance inspections that monitor, but are not limited to, the following conditions of registration:
- Appointing a designated official;
- Establishing and maintaining a security plan;
- Maintaining records;
- Providing training to officers, directors, employees and temporary workers;
- Providing security briefings to visitors;
- Reporting security breaches; and
- Making available all records to the Minister and reporting any change in the application submission.
Service standards
In line with the Government of Canada’s Red Tape Reduction Action Plan initiative “Improving Service Performance for Regulatory Authorizations,” service standards and performance targets for all regulatory authorizations were established for the Program, as follows:
Program Activity |
Service Standard |
Service Standard Target |
---|---|---|
Registration (new and renewal) |
32 business days |
80% processed within standard |
Security assessments |
32 business days |
80% processed within standard |
Temporary worker exemptions |
30 business days |
80% processed within standard |
Visitor exemptions |
10 business days |
80% processed within standard |
It should be noted that a number of activities carried out by the Program require input from other departments or agencies (e.g. the Royal Canadian Mounted Police and the Canadian Security and Intelligence Service), subject to their own service standards and timelines. The response time may consequently be extended in cases where one or more of the following conditions exist:
- Adverse findings or external file referral;
- Inability to make contact with references provided or the authorized individual; and
- The designated official has not successfully completed the required training or has failed the certification exam.
Processing delays may result where additional verifications and collaboration with other departments or agencies are required. Applicants will receive a notice of extension within the service delivery window (i.e. 32 days) should service standard delays be anticipated.
In addition, Program registrants are expected to benefit from the precise time lines that replaced the numerous references to “without delay” throughout the Regulations. These measures should improve the client service experience and service delivery.
Program stakeholders and clients were consulted on service standards from November 2013 to May 2014 and were supportive of the regulatory amendments.
Performance reporting
A report on the performance of the Program relative to its service standard will be provided annually to Parliament through two tables of PWGSC’s Departmental Performance Report found in the Supplementary Information section. Performance will also be reported on the Program’s main Web page. The Program will also report on performance against targets on an annual basis on PWGSC’s Acts and Regulations Web page, which can be found at http://www.tpsgc-pwgsc.gc.ca/lr-ar/index-eng.html.
Performance measurement and evaluation
This initiative is largely intended to clarify the requirements in the Regulations that apply to persons accessing controlled goods in Canada.
To evaluate whether the Regulations are adequately understood, inquiry, inspection and compliance data will be assessed following the implementation period to determine whether there are any trends associated with non-compliance that might suggest that sections of the Regulations are not understood by all or particular groups of regulated parties.
Ongoing environmental scans will be used to identify any issues or situations concerning the domestic regulation of controlled goods that could have unintended consequences as a result of this initiative.
Contact
Louis LePage
Senior Director
Controlled Goods Program
Industrial Security Sector
Department of Public Works and Government Services
2745 Iris Street
Ottawa, Ontario
K1A 0S5
Telephone: 613-948-1767
Email: louis.lepage@pwgsc-tpsgc.gc.ca
- Footnote a
S.C. 2015, c. 3, s. 74 - Footnote b
R.S., c. D-1 - Footnote 1
SOR/2001-32