(Fiscal year 2023-2024)

Message from the Commissioner and Deputy Commissioner

In the spirit of transparency, the Canada Revenue Agency’s (CRA) is presenting its first Annual Report on employee misconduct and wrongdoing that covers the data for the 2023-2024 fiscal year. With the hard work of approximately 60,000 employees from coast to coast to coast, the CRA delivers on its mission to administer tax, benefits, and related programs, and ensure compliance on behalf of governments across Canada, thereby contributing to the ongoing economic and social well-being of Canadians.

Every CRA employee deserves to be treated in accordance with our core values of integrity, professionalism, respect, and collaboration, and can rightfully expect to be a part of a high-performing, diverse and inclusive workforce. These expectations come with equally important responsibilities and obligations outlined in the CRA’s Code of Integrity and Professional Conduct, the Directive on Conflict of Interest and the Values and Ethics Code for the Public Sector.

With its robust Integrity Framework, the CRA balances values and rules to protect integrity and prevent ethical lapses. Our shared values are reinforced each time our employees work relentlessly to preserve public confidence and trust in our work. On the other hand, our effective rules and controls ensure that the few employees who have a lapse in integrity are promptly identified, investigated and that appropriate action is taken.

Despite our best efforts, misconduct and wrongdoing does occur. We acknowledge that publicized cases of misconduct related to the Canada Emergency Response Benefit (CERB) negatively impacted the CRA’s reputation. The fraud committed by these employees was a unique circumstance which the CRA took very seriously and addressed rigorously and strongly. We must not let these isolated cases overshadow the integrity and hard work of the vast majority of CRA employees.

This report demonstrates our commitment to transparency and to the Clerk of the Privy Council’s renewed focus on values and ethics in the public sector. Further, making values and ethics real for employees is one of the CRA’s key initiatives within the Agency’s People Strategy. This report constitutes one of multiple actions that will continue to support the strong organizational culture and values of the Agency. We welcome the challenging conversations that will arise and recognize that these are an important part of change and improvement at the CRA.

Introduction

CRA employees are guided by the CRA’s Code of Integrity and Professional Conduct, the Directive on Conflict of Interest and the over-arching Values and Ethics Code for the Public Sector. These important terms and conditions of employment are mandatory to follow.

A recent Internal Audit on the CRA Values and Ethics Framework was conducted and published. The objective of the audit was to provide the Commissioner, CRA management, and the Board of Management (Board) with assurance that a values and ethics framework was in place and is working as intended to foster a culture of integrity and contribute to public trust. The audit results were generally positive and reinforced the fact that the CRA has a strong framework in place.

One key recommendation was to develop a process to identify and collaboratively monitor data and report on the state of values and ethics at the CRA to help strengthen the identification and assessment of ethical risks to systematically inform corporate business planning across the CRA. To address this recommendation, relevant internal partners worked together to create and publish an annual report on how the CRA addresses employee misconduct and wrongdoing and to promote the various reporting mechanisms available to employees to identify and assess behavioural lapses that pose ethical risks to the CRA. While the data has always been tracked and monitored by the respective programs, it had not historically been consolidated into a single product, and as such, this initial report harmonizes all the relevant data for the 2023-2024 fiscal year related to misconduct and wrongdoing including fraud, unauthorized access to taxpayer information, and harassment and violence. The definitions of these essential key concepts can be found in Appendix A – Definitions.

This annual report will increase transparency on how such matters are addressed and will identify trends and patterns that will be used to inform corporate business planning at the CRA and foster continuous improvement over time.

Workload related to Canada Emergency Response Benefit

The 2023-2024 year was unique in terms of misconduct investigations at the CRA as it was marked by an internal integrity review. The goal of this review was to carry out investigations on CRA employees who inappropriately claimed the Canada Emergency Response Benefit (CERB). The CERB provided financial support to Canadians who were directly affected by the COVID-19 pandemic, receiving monthly payments of up to $2,000. Following internal investigations, certain CRA employees who were found to have fraudulently applied for and received CERB payments were subject to a range of disciplinary measures, up to and including termination of employment.

Given that the situation related to CERB was exceptional and does not represent the normal type or number of initiated investigations on an annual basis, all data related to CERB has been excluded from the 2023-24 Overview summary findings in this report so that meaningful comparative information can be reflected in subsequent annual reports on employee misconduct and wrongdoing.

However, in the interest of transparency, the following provides an overview of the impact that this review had in the 2023-2024 fiscal year: 377 internal investigations completed by the Internal Affairs Division (IAD) were related to this review, representing 63% of the total investigations that they completed. Of those, 376 were founded. 231 disciplinary measures that were rendered this year were related to this review (51%). Of those, 220 (95%) resulted in a disciplinary termination.^{Footnote 1}

Privacy Protection

​​The Government of Canada provides guidance on protecting privacy when releasing information in their Privacy Implementation Notice 2023. If there is a reasonable expectation that individuals can be identified through the information, alone or in combination with other available information, it constitutes personal information. When information is considered personal, it must be protected in accordance with the Privacy Act.

Strategies were used in this report to minimize risk and respect the privacy of CRA employees, including small value suppression and rounding.

Overview

The CRA Employee’s lifecycle

To help ensure CRA employees are aware of their role and responsibilities in abiding by the rules and respecting the values of integrity, respect, professionalism, and collaboration, the CRA has many mechanisms and reminders in place. Employees are bound by the Code of Integrity and Professional Conduct, Directive on Conflict of Interest, as well as the Values and Ethics Code for the Public Sector. These terms and conditions of employment are integrated throughout the employee lifecycle, starting at the beginning of their recruitment journey until their offboarding. The table below demonstrates the measures taken at every step of the employee lifecycle to ensure they are familiar with their roles and responsibilities.

Misconduct and Wrongdoing

Misconduct is defined as a willful action or omission by an employee that contravenes an act, a regulation, a rule, the Code of Integrity and Professional Conduct, or a CRA corporate policy instrument, and which may result in disciplinary action. It should be noted that discrimination, harassment and violence in the workplace are forms of misconduct.

Wrongdoing as defined in section 8 of the Public Servants Disclosure Protection Act:

• (a) a contravention of any Act of Parliament or of the legislature of a province, or of any regulations made under any such Act, other than a contravention of section 19 of this Act;
• (b) a misuse of public funds or a public asset;
• (c) a gross mismanagement in the public sector;
• (d) an act or omission that creates a substantial and specific danger to the life, health or safety of persons, or to the environment, other than a danger that is inherent in the performance of the duties or functions of a public servant;
• (e) a serious breach of a code of conduct established under section 5 or 6; and
• (f) knowingly directing or counselling a person to commit a wrongdoing set out in any of paragraphs (a) to (e).

Categories of Misconduct

Any allegations or suspicions of employee misconduct are taken seriously and are thoroughly investigated. When allegations of employee misconduct are brought to the CRA’s attention, the CRA investigates in accordance with the Directive on Discipline and the supporting Procedures for addressing employee misconduct, through one of the parties outlined in Figure 01 – Reporting mechanisms for employees.

In accordance with the Directive on Discipline founded cases of misconduct are grouped in the following categories:

Consequences of misconduct and wrongdoing

Discipline is rendered relative to the seriousness of the misconduct(s), taking into consideration the individual circumstances of the case, including any mitigating or aggravating factors. Misconduct may result in disciplinary measures, up to and including termination of employment. The goal of discipline is to:

• deter employees from engaging in misconduct;
• motivate employees to correct their behaviour when they have committed an act of misconduct;
• encourage employees to adhere to the expected standard of conduct (except in cases such as termination of employment).

Acts of misconduct may also lead to administrative measures such as the reassessment, and possible revocation, of an employee’s security status. Revocation of security status results in termination of employment.

For investigations into allegations of wrongdoing under the Public Servants Disclosure Protection Act (PSDPA), the Senior Officer for Internal Disclosure will brief the Commissioner of the CRA on the findings of completed investigations where wrongdoing was founded and will recommend an appropriate course of action to the Commissioner. This can include penalties required by law, disciplinary measures, or other corrective actions.

Reporting Mechanisms

The CRA investigates allegations it receives related to questionable or unethical conduct of CRA employees. Allegations can be made through numerous ways from a variety of sources, such as referrals from employees, managers, or members of the public. All allegations of employee misconduct are taken seriously and addressed accordingly. This section presents the various reporting mechanisms available to employees. Maintaining a positive organizational culture at the CRA is a shared responsibility. Every employee plays a role in addressing employee misconduct. For more information on roles and responsibilities related to these reporting mechanisms, please see Appendix B – Roles and Responsibilities.

The Directive on Discipline states that employees must report allegations of employee misconduct, in accordance with the Conducting Internal Investigations Procedures, as follows:

• speak to management;
• contact the Internal Affairs Division (IAD), Security Branch, by sending a fax, a letter, or an encrypted email to the IAD;
• use the CRA anonymous internal fraud and misuse reporting line or call 1-844-246-2155.

Employees can report allegations of employee wrongdoing, as defined under the Public Servants Protection Act (PSDPA), as follows:

• make protected internal disclosures of wrongdoing, according to the CRA Policy on the Internal Disclosure of Wrongdoing, to the Senior Officer for Internal Disclosure by following the CRA Procedures for the Internal Disclosure of Wrongdoing; or
• make a disclosure of employee wrongdoing directly to the Office of the Public Sector Integrity Commissioner of Canada.

Employees must inform the police, their local security officer, or management immediately of all occurrences that pose an immediate danger or threat of danger to the health and safety of themselves and/or other employees and follow the Security Incident Management and Reporting Procedures.

If employees experience or witness harassment and violence in the workplace, they may choose to notify the harassment and violence resolution (HVR) officer, management or the union, if applicable. For more information, employees can refer to Directive on discipline or to the Workplace Harassment and Violence Prevention and Resolution Procedures. The CRA considers any threat or act of harassment and violence, by or against employees, to be misconduct, but the Harassment and Violence Prevention Centre does not address harassment and violence from a misconduct perspective. When managers become aware of allegations of misconduct, and at each stage of the discipline process, they must consult with a labour relations advisor within the regional Workplace Relations Centre of Expertise.

If employees observe or believe they have been subjected to discrimination, they are encouraged to seek support and guidance from their manager or the union, if applicable, or use one of the reporting mechanism available to them, as appropriate.

The figure below summarizes the above-mentioned mechanisms.

Figure 01 – Reporting mechanisms for employees

2023-24 Overview

Wrongdoing

The Internal Disclosures Office (IDO) received less than ten (10)^{Footnote 2} allegations of wrongdoing under the Public Servants Disclosure Protection Act during the fiscal 2023-2024. The Internal Disclosures Office did not take further action on these allegations as they were referred to other more appropriate recourse mechanisms for resolution, such as:

• to human rights complaint process, provided under the Canadian Human Rights Act;
• to report their case to the Internal Affairs Division;
• to report their case to Labour Relations.

Misconduct

Administrative Investigations Completed

The number of administrative investigations completed refers to investigations that were concluded during the fiscal year 2023-2024, but that may have been opened in a previous year. During the fiscal year 2023-2024, 222 investigations were completed by IAD. Of those, 210 of those were concluded to be founded, 11 were unfounded, while one was inconclusive.

Of those 210 employees who had founded IAD investigations, there were 290 founded allegations of misconduct as one investigation file could contain multiple founded allegations of misconduct. For example, an investigation file can pertain to failure to protect information (unauthorized access) and failure to protect our reputation (contravention of the Directive on Conflict of Interest). Please note that an employee may have been subject to more than one investigation as it is possible to complete an investigation only to have more information come to light necessitating a new investigation.

The figure below shows the proportion of founded allegations for each category of misconduct. The “Failure to protect information” category remains the leading type of misconduct (62%) ranging from unauthorized access to taxpayer information to unauthorized disclosure of sensitive information. It is followed by “Failure to protect our reputation” (14%) and “Failure to protect and manage public funds” (14%).

Figure 02 – Number and proportion of founded cases of misconduct, by category of misconduct, 2023-2024^{Footnote 3}

Discipline Processes

During the 2023-2024 fiscal year, 383 founded IAD investigations proceeded into the discipline process. Of these, 193 were still in progress at the time of this report, 60 did not result in a discipline being rendered due to reasons outside of management’s control (For example an employee left the Agency prior to rendering discipline), and 130 of them were completed and resulted in an administrative or disciplinary outcome.

Administrative and Disciplinary Measures

CRA’s Directive on Discipline includes the Table of Disciplinary Measures which is unique to CRA and provides for consistency. Each act of misconduct is assigned to a group(s) that is associated with a range of disciplinary measures. The groups indicate the relative seriousness with which the CRA views the misconduct, and the ranges help achieve consistency in the application of discipline.

Of the 219 disciplinary measures rendered,133 were the result of the 130 investigations initiated by the Internal Affairs Division and 86 were completed by the delegated manager or other source.

The table below presents the number of times discipline was rendered by category of misconduct. The most common types of misconduct for which discipline was rendered were the ‘‘Failure to protect information” category (46%), followed by the ‘‘Failure to protect CRA’s reputation” category (21%).

More specifically, the figure below illustrates the number of disciplinary measures by category of misconduct. In total, for the fiscal year 2023-2024, the most common disciplinary measures rendered were suspensions for misconduct in the category of ‘‘Failure to protect information” (80). The following table shows the other disciplinary measures rendered by category of misconduct. This data is consistent with the range of disciplinary measures found in the Table of Disciplinary measures.

Figure 03 – Number of disciplinary measures rendered, by disciplinary measures and category of misconduct, 2023-2024^{Footnote 5}

While most disciplinary measures will fall within the suggested range of the table of disciplinary measures, managers retain the authority to render a disciplinary measure outside (above or below) the range in exceptional circumstances. However, delegated managers must consult with the appropriate Assistant Commissioner before doing so as outlined in Appendix A of the Procedures for addressing employee misconduct.

Conclusion

The actions of a small number of employees must not be allowed to overshadow the integrity of the more than 60,000 Agency employees who work every day in an exemplary manner to serve Canadians. The CRA is deeply committed to safeguarding public confidence and trust, and we know our employees share in that commitment. As CRA employees, we all have a role to play in continuing to prevent and address situations of misconduct and wrongdoing.

This report reinforces the fact that when lapses in integrity are identified, the CRA takes prompt steps to investigate the matter and takes the necessary and appropriate actions to address it.

With a strong Integrity Framework, clear underpinning corporate policy instruments, and an array of tools, training and communication vehicles, the CRA has guidance in place to support and empower employees and leaders, to act in accordance with the rules and values.

The publication of this report is an important step towards further transparency, accountability and continual improvement.

Appendix A - Definitions

The following section provides definitions of some key concepts central to this report.

Administrative measure refers to a range of corrective actions such as training, coaching, recovery of funds, modifying the employee's system access, revocation of reliability status or security clearance, etc. If an employee is incapable of meeting a particular performance expectation, or of attaining the expected quality of work because of a lack of skill, ability or training (incapacity or incompetence), then administrative measures, and not discipline should be used to correct the behaviour.

Discrimination is any action, decision, policy or process in matters relating to employment with the CRA that differentiates adversely in relation to, or has an adverse effect on, an employee based on a prohibited ground of discrimination, or otherwise constitutes a discriminatory practice described in sections 7 to 14.1 of the Canadian Human Rights Act.

Harassment and violence, as per Canada Labour Code, is any action, conduct or comment, including of a sexual nature, that can reasonably be expected to cause offence, humiliation or other physical or psychological injury or illness to an employee, including any prescribed action, conduct or comment.

Misconduct is defined as a willful action or omission by an employee that contravenes an act, a regulation, a rule, the Code of Integrity and Professional Conduct, or a CRA corporate policy instrument, and which may result in disciplinary action. It should be noted that discrimination, harassment and violence in the workplace are forms of misconduct.

Disciplinary measure refers to the employer's response to misconduct. The goal of discipline is to deter employees from engaging in misconduct, and when misconduct does occur, to motivate the employee to correct their behaviour, and adhere to the expected standard of conduct (except in cases such as termination of employment). Disciplinary measures can include an oral or written reprimand, suspension, financial penalty, demotion, or termination of employment.

Security incident refers to any event that may threaten the safety, security, or integrity of CRA employees, assets, or information.

Wrongdoing as defined in section 8 of the Public Servants Disclosure Protection Act:

• (a) a contravention of any Act of Parliament or of the legislature of a province, or of any regulations made under any such Act, other than a contravention of section 19 of this Act;
• (b) a misuse of public funds or a public asset;
• (c) a gross mismanagement in the public sector;
• (d) an act or omission that creates a substantial and specific danger to the life, health or safety of persons, or to the environment, other than a danger that is inherent in the performance of the duties or functions of a public servant;
• (e) a serious breach of a code of conduct established under section 5 or 6; and
• (f) knowingly directing or counselling a person to commit a wrongdoing set out in any of paragraphs (a) to (e).

Appendix B - Roles and Responsibilities

Workplace Relations Centre of Expertise (Regions), Human Resources Branch

The Workplace Relations Centre of Expertise is present within every Region at the CRA. Each Centre of Expertise actively supports compliance with the Directive on Discipline and related corporate policy instruments. They also provide consultation services and support to management, including on how to apply the Directive on Discipline, the Procedures for addressing employee misconduct, and relevant application tools.

Internal Affairs Division, Security Branch

The mandate of the Internal Affairs Division (IAD) is to provide national services for administrative investigations into allegations or suspicions of employee misconduct. The Agency Security Officer (ASO) is functionally responsible for the management of the Agency's security program which includes investigating allegations or suspicions of employee misconduct. The ASO has delegated the IAD to conduct administrative investigations. This Division is responsible for the CRA anonymous internal fraud and misuse reporting line. This anonymous reporting line was created by CRA for employees who want to speak up and report any suspicion or knowledge of internal fraud and misuse but may not feel comfortable using existing CRA internal channels. For more information and contacts, employees should refer to How to report internal fraud and misuse.

Internal Disclosures Office, Audit, Evaluation, and Risk Branch

The mandate of the Internal Disclosures Office (IDO) is to allow employees to bring forward information concerning wrongdoing at the CRA, and to ensure they are treated fairly and are protected from reprisal when they do so in good faith in a manner consistent with the Public Servants Disclosure Protection Act.

When a matter, such as a human resources issue, could be more appropriately addressed using another process or recourse mechanism, the employee may be advised by the Internal Disclosures Office to explore those avenues (such as a grievance, the Informal Conflict Resolution Program, workplace harassment and violence prevention and resolution procedures, etc.). For more information and contacts, employees should refer to the CRA’s Internal Disclosures Office.

Each year, the Chief Human Resources Officer of the Treasury Board of Canada publishes the Annual Report on the Public Servants Disclosure Protection Act (PSDPA), which presents a portrait of disclosure activities in the federal public sector made in accordance with the internal procedures established under the PSDPA.

Workplace Harassment and Violence Prevention, Human Resources Branch

The Harassment and Violence Prevention Centre work with managers and employees to effectively prevent occurrences of workplace harassment and violence. They aid in the resolution of the occurrences with a focus on preventing future occurrences. The Centre is responsible for the operational oversight consistent with the Canada Labour Code (CLC) Part II and the Work Place Harassment and Violence Prevention Regulations. For more information and contacts, employees should refer to Addressing an occurrence of workplace harassment and violence. The CRA considers any threat or act of harassment and violence, by or against employees, to be acts of misconduct, but the Harassment and Violence Prevention Centre does not address harassment and violence from a misconduct perspective. When managers become aware of allegations of misconduct, and at each stage of the discipline process, they must consult with a labour relations advisor within the regional Workplace Relations Centre of Expertise. The workplace harassment and violence resolution process is not intended to be adversarial, find fault, or correct individual behaviour through discipline. It is a health and safety process.

Workplace Inquiries Centre, Human Resources Branch

The Workplace Inquiries Centre (WIC) provides information on available prevention, resolution and formal recourse processes to both managers and employees. They are responsible for reviewing and investigating allegations of misconduct related to discrimination, harassment and violence when they are referred by management following consultation with Labour Relations. The WIC is also responsible for the investigator procurement process supporting the acquisition of external investigators as the need arises. For more information and contacts, employees should refer to Workplace Inquiries Centre.

Office of the Public Sector Integrity Commissioner of Canada

The Public Servants Disclosure Protection Act gives federal public service employees and others a secure and confidential process for disclosing wrongdoing in the workplace as well as protection from acts of reprisal as an alternative to employees reporting wrongdoing to their own department’s Internal Disclosures Office. For more information and contacts, employees should refer to the Office of the Public Sector Integrity Commissioner.

Canadian Human Rights Commission

Under the Canadian Human Rights Act, an individual or group of individuals may submit a Canadian human rights complaint to the Canadian Human Rights Commission (CHRC) related to any action or decision for which they have reasonable grounds to believe resulted in the unfair or negative treatment of a person under the prohibited grounds of discrimination.

Values, Integrity and Workplace Policies and Programs Division, Human Resources Branch

The Values, Integrity and Workplace Policies and Programs Division directs the development of a comprehensive Values and Ethics Program and associated policies, strategies and initiatives, including the Integrity Framework, the Code of Integrity and Professional Conduct, Conflict of Interest portfolio, and Political Activities Program to ensure that the integrity of the Agency remains at the forefront amongst tax administrators nationally and internationally. The Labour Relations Policy and Program section is responsible for the Directive on Discipline, the Procedures for addressing employee misconduct and supporting tools. They also provide functional direction to the Workplace Relations Centres of Expertise and the WIC.

Personnel Risk Assessment Division, Security Branch

The Personnel Risk Assessment Division assesses the security risk to CRA employees, information, assets, or facilities following an allegation of misconduct or the results of an IAD investigation in accordance with the Security Screening Directive.

Other resources

Different confidential support measures are available to CRA employees and managers to support them and restore the work environment. Employees can access information on medical, psychological and other support services available in their geographical area through the Employee Assistance Program by contacting either their Coordinator-Counsellor or the External Service Provider. They also have access to the Informal Conflict Resolution services in order to help prevent or resolve a workplace conflict.