Treasury Board of Canada Secretariat
Symbol of the Government of Canada

ARCHIVED - Audit of the Management of the Public Service Disability Insurance Plan

Warning This page has been archived.

Archived Content

Information identified as archived on the Web is for reference, research or recordkeeping purposes. It has not been altered or updated after the date of archiving. Web pages that are archived on the Web are not subject to the Government of Canada Web Standards. As per the Communications Policy of the Government of Canada, you can request alternate formats on the "Contact Us" page.



Audit of the Management of the Public Service Disability Insurance Plan

Internal Audit and Evaluation Bureau



Table of Contents



Assurance Statement

The Internal Audit and Evaluation Bureau has completed the audit of the Management of the Public Service Disability Insurance Plan. The objective of the audit was to assess whether an appropriate management control framework is in place within the Treasury Board of Canada Secretariat (the Secretariat) to effectively support activities related to the Disability Insurance Plan (DI Plan) and to examine key aspects of contract administration.

The audit approach and methodology followed the Internal Auditing Standards for the Government of Canada and the Institute of Internal Auditors' International Standards for the Professional Practice of Internal Auditing.

The examination was conducted from October 2009 to April 2010 and covered the processes and controls in place ending March 31, 2010.

The audit consisted of interviews and documentation review. The observations made in this report are based on the results of the audit procedures conducted on the evidence gathered, which is sufficient to provide senior management with reasonable assurance of the audit's results.

We conclude with a reasonable level of assurance that a number of management control framework elements are in place to support the Secretariat's accountabilities in managing the DI Plan. Improvements are required to clarify and update roles, responsibilities, accountabilities and authorities; to ensure that monitoring, reporting and risk management processes are formal, systematic and comprehensive; and to enhance and formalize recruitment and succession planning processes.

In the professional judgment of the Chief Audit Executive, sufficient and appropriate audit procedures have been conducted and evidence has been gathered to support the accuracy of the opinion provided in this report. The opinion is based on a comparison of the conditions, as they existed at the time of the audit, against pre-established audit criteria. The opinion is applicable only to the entities examined and for the time period specified.



Executive Summary

Background

The audit of the Management of the Public Service Disability Insurance Plan was part of the Secretariat's approved 2008–11 Three-Year Risk-Based Audit Plan.

What is the Disability Insurance Plan?

The DI Plan provides employees in the federal public service who are included in collective bargaining and who are members of the plan with benefits to replace a substantial portion of earnings lost as a result of extended periods of disability.

The DI Plan is intended to supplement other disability benefits available through other avenues such as, for example, the Public Service Superannuation Act, the Government Employees Compensation Act, the Canada Pension Plan and the Quebec Pension Plan. It assures a reasonable level of income during periods of long-term disability.

Objective and scope

The objective of the audit was to assess whether an appropriate management control framework is in place within the Secretariat to support activities related to DI Plan management.

The audit included all significant activities within the Secretariat related to the management of the DI Plan. Specifically, the audit focused on the activities in the Pensions and Benefits Sector (the sector responsible for management of the DI Plan) and how this Sector interacts with other stakeholders accountable for various elements of DI Plan delivery:

  • Public Works and Government Services Canada (PWGSC);
  • Sun Life Assurance Company of Canada, referred to as "the contractor";
  • Office of the Superintendent of Financial Institutions (OSFI); and
  • National Joint Council, Disability Insurance Board of Management.

The four areas of focus of the audit are as follows:

  1. Roles, responsibilities and accountabilities
  2. Monitoring and oversight
  3. Risk management
  4. Contract administration

Key findings

Roles, responsibilities and accountabilities

Roles, responsibilities, and accountabilities relating to DI Plan management are complex and formally defined in seven documents maintained by the Secretariat, PWGSC and the National Joint Council. While these were found to be communicated and generally understood, the audit identified areas in need of updating and/or clarification, particularly the roles, responsibilities and accountabilities relating to the Secretariat and PWGSC.

Similarly, the audit identified the need to update related authorities and delegations. An initiative is currently underway to review and draft new delegation instruments.

While elements of a process are in place to identify and maintain the knowledge and skills necessary for DI Plan management at the Secretariat, an enhanced approach to recruitment and succession planning is necessary given the complexity and specialized skills required to manage the plan.

Monitoring and oversight

The Secretariat undertakes a number of monitoring activities in support of DI Plan management, such as periodic analysis of the financial health of the plan and regular meetings with the contractor and with PWGSC. However, the process to monitor achievement of DI Plan objectives and compliance to relevant authorities, including key monitoring activities and responsibilities, is not formally defined.

Formal reporting requirements are in place between the contractor and the Secretariat. There is a need to formally define reporting requirements for other stakeholders involved in DI Plan delivery, including those internal to the Secretariat.

The audit team found that information provided by the contractor meets the requirements of the contract; however, this information has not been consistently verified for accuracy by the Pensions and Benefits Sector. Enhancements are also necessary for ensuring the accuracy of information relating to other DI Plan delivery stakeholders that is used for monitoring and decision-making purposes. This includes the verification of payments made to the contractor by PWGSC on behalf of the President of the Treasury Board.

Risk management

A comprehensive and systematic process has not been formally defined that captures all necessary risk management activities. However, some risks and issues that could impact DI Plan management are currently identified and managed through various means, such as the Business Continuity Plan, the annual business plan, and financial risk analysis performed within the Pensions and Benefits Sector.

Contract administration

File documentation regarding the day-to-day administration of the contract was found to be complete, including information provided by the contractor to the Secretariat as per the insurance policy (contract).

There is evidence of contract oversight activity; however, the current contract does not contain specific performance measures against which to assess the contractor. It should be noted that the Pensions and Benefits Sector is aware of this issue and has included specific performance measures in the recent retendering of another insurance benefits plan contract.

While file documentation regarding the day-to-day administration of the contract was found to be complete, some documentation in support of past contract changes was not available for review by the audit team. There is a need to ensure that key contractual documents and related justifications are retained on file in order to support decision making and to maintain corporate memory.

A formal process is not currently in place to verify the accuracy of Treasury Board's employer share of premiums and the claim administration fees against the information provided by the contractor.

Overall conclusion

A number of management control framework elements are in place to support the Secretariat's accountabilities in managing the DI Plan. Further improvements are required in order to:

  • clarify and update roles, responsibilities, accountabilities and authorities;
  • ensure that monitoring, reporting, and risk management processes are formal, systematic and comprehensive; and
  • enhance and formalize recruitment and succession planning processes.

Recommendations

The following recommendations are directed to the Assistant Deputy Minister of the Pensions and Benefits Sector.

1. Roles, responsibilities, accountabilities and authorities for the Secretariat and its DI Plan delivery stakeholders should be reviewed, clarified, adjusted where necessary, and summarized in a consolidated manner.

2.  Existing monitoring and reporting activities should be enhanced and formally defined to support DI Plan management. The monitoring aspect of such a framework should include the following:

  1. Definition of monitoring objectives, key activities and related responsibilities;
  2. Analysis of the accuracy and completeness of information provided by delivery stakeholders;
  3. Verification of payments related to the DI Plan;
  4. Measures to assess performance; and
  5. Documentation and retention requirements relating to DI Plan activities.

3.  Existing risk management activities in support of DI Plan management should be enhanced, formally defined, and implemented to ensure that risks are regularly identified, assessed, and mitigated in a comprehensive and systematic manner.

4.  Recruitment and succession planning processes should be enhanced and formalized to ensure that the necessary knowledge and skills related to insurance benefits programs are maintained.

A management response and action plan has been developed by the Secretariat and is presented in Appendix 3.

1.  Background

1.1  What is the Disability Insurance Plan? 

The DI Plan provides employees in the federal public service who are included in collective bargaining and who are members of the plan with benefits to replace a substantial portion of earnings lost as a result of extended periods of disability.

The DI Plan is intended to supplement other disability benefits available through other avenues such as, for example, the Public Service Superannuation Act, the Government Employees Compensation Act, the Canada Pension Plan and the Quebec Pension Plan. It assures a reasonable level of income during periods of long-term disability.

1.2  Who is responsible for the Disability Insurance Plan?

The ultimate responsibility and accountability for the DI Plan rests with Treasury Board[1] as the employer of the core public administration.[2]

The Secretariat in its role as the administrative arm of Treasury Board oversees the management of the DI Plan.

Within the Secretariat, the Pensions and Benefits Sector, which is part of the Office of the Chief Human Resources Officer, is responsible for managing insurance benefits plans such as the DI Plan on behalf of Treasury Board.

Pensions and Benefits Sector officials are responsible for the following:

  • Reviewing and monitoring DI Plan activities; and
  • Providing analytical and policy advice to senior management and to Treasury Board.

1.3  How is the Disability Insurance Plan delivered?

Beyond Treasury Board and its Secretariat, there are a number of other key stakeholders involved in the delivery of the DI Plan. The following provides a brief description of their respective roles:

  • Sun Life Assurance Company of Canada (Sun Life)—is the contracted underwriter and plan insurer for the DI Plan with the Government of Canada. In this document, Sun Life is referred to as "the contractor."
  • Public Works and Government Services Canada (PWGSC)—is responsible for remitting monthly premiums to the contractor; providing employee information, when necessary, to the contractor and the Secretariat; and providing advice, information, and training on insurance benefits plans to Human Resources offices within government departments and agencies.
  • Office of the Superintendent of Financial Institutions (OSFI)—is responsible for providing advisory actuarial services through the Office of the Chief Actuary to the Pensions and Benefits Sector to manage the financial aspects of the DI Plan.
  • Disability Insurance Board of Management—is responsible, as part of the National Joint Council,[3] for providing advice to the President of the Treasury Board on the financial and administrative matters of the DI Plan and is part of the claims appeals process.

1.4  What is Treasury Board's employer share cost of the Disability Insurance Plan?

The cost of the DI Plan is comprised of monthly premiums paid to the contractor, which are shared between the employer (85 percent) and the employee (15 percent).

On behalf of the President of the Treasury Board, PWGSC calculates and remits Treasury Board's employer share of premiums to the contractor along with the employees' share. Treasury Board's share is then recovered by PWGSC and is ultimately charged to Treasury Board Vote 20—Public Service Insurance.

In fiscal year 2008–09, the employer share of the DI Plan was approximately $219 million and represented the third highest total expenditure of all Treasury Board insurance benefits plans.



2. Audit Details

2.1 Authority for the audit

The audit of the Management of the Public Service Disability Insurance Plan was part of the Secretariat's approved 2008–11 Three-Year Risk-Based Audit Plan.

2.2 Reasons for the audit

The DI Plan was selected based on risks associated with its significant materiality, high degree of complexity and public sensitivity. In addition, there has not been any previous internal audit work conducted in this area.

2.3 Audit objective

The audit objective was to assess whether an appropriate management control framework is in place within the Secretariat to support activities related to the DI Plan.

2.4 Audit scope

The audit included all significant activities within the Secretariat related to the management of the DI Plan. Specifically, the audit focused on the activities in the Pensions and Benefits Sector and how the Sector interacts with other stakeholders accountable for various elements of the DI Plan delivery:

  • PWGSC;
  • Sun Life;
  • OSFI; and
  • National Joint Council, Disability Insurance Board of Management.

Specifically, the audit has four areas of focus:

  1. Roles, responsibilities and accountabilities
  2. Monitoring and oversight
  3. Risk management
  4. Contract administration

The examination phase was conducted from October 2009 to April 2010 and covered the processes and controls in place ending March 31, 2010.

The audit did not assess the following:

  • Adequacy of activities performed in the Pensions and Benefits Sector;
  • Delivery of activities by other DI Plan delivery stakeholders;
  • Accuracy of payments related to the contract; and
  • Accuracy of payments for employees' share of the DI Plan.

This audit was also not intended to be an assessment of the overall management of disability within the federal public service.

2.5 Audit criteria

Audit criteria were developed in consideration of the risks identified during the planning phase of the audit and were based on the following sources:

  • Core Management Controls: A Guide for Internal Auditors issued by the Office of the Comptroller General and dated November 2007; and
  • Whitepaper on Plan Governance[4] dated October 2008.

Detailed criteria are presented in Appendix 1.

2.6 Approach and methodology

The audit approach and methodology followed the Internal Auditing Standards for the Government of Canada and the Institute of Internal Auditors' International Standards for the Professional Practice of Internal Auditing. These standards require that the audit be planned and performed in such a way as to obtain reasonable assurance that audit objectives are achieved.

The approach used to carry out the audit included documentation review and interviews with Secretariat officials in the Pensions and Benefits Sector and the following delivery stakeholders:

  • PWGSC;
  • Sun Life;
  • OSFI; and
  • National Joint Council, Disability Insurance Board of Management.


3.  Audit Results

Each area of focus was assessed against audit objectives and related criteria. The audit results are presented by area of focus.

3.1  Roles, responsibilities and accountabilities

3.1.1  Definition, communication and understanding

Roles, responsibilities and accountabilities relating to DI Plan management are complex and formally defined in seven documents maintained by the Secretariat, PWGSC and the National Joint Council, as follows:

  • Secretariat
    • Financial Administration Act;
    • The insurance policy (contract) and two related amendments;
    • Treasury Board's Policy on the Administration of the Public Service Pension Plan and Group Insurance and Other Benefits Programs;
    • The Disability Insurance Plan document which includes Treasury Board's Directives Respecting the Disability Insurance Plan Established for Certain Persons Employed in the Public Service;
  • PWGSC
    • Department of Public Works and Government Services Act (DPWGS Act);
    • Insurance Administration Manual; and
  • National Joint Council
    • Terms of reference for the Disability Insurance Board of Management.

These were found to be adequately communicated to delivery stakeholders. Five documents are posted on the internet and therefore available to all delivery stakeholders. The remaining two documents (the insurance policy and the Disability Insurance Board of Management terms of reference) were made available to the appropriate parties.

Interviews conducted by the audit team with delivery partner representatives indicated that respective roles, responsibilities and accountabilities as currently defined were generally understood by those entities.

In the Pensions and Benefits Sector, it was found that staff understood and performed their roles as currently defined.[5] It was also found that Pensions and Benefits Sector officials reasonably understood the roles, responsibilities and accountabilities of the various delivery stakeholders.

3.1.2  Currency and clarity of roles, responsibilities and accountabilities

The audit identified areas in need of updating and/or clarification, particularly regarding roles, responsibilities and accountabilities for the Secretariat and PWGSC. There is also a need to formalize service expectations between delivery stakeholders and the Secretariat.

Role of the Secretariat

As per the documentation reviewed, many of the roles, responsibilities and accountabilities relating to the DI Plan are attributed to Treasury Board or the President of the Treasury Board. However, the role of the Secretariat in supporting Treasury Board is not formally defined for the management of the DI Plan. Currently, the Secretariat's defined role in this regard is to provide direction to PWGSC in accordance with Treasury Board's Policy on the Administration of the Public Service Pension Plan and Group Insurance and Other Benefit Programs, which came into effect May 17, 2007. Given the activities currently undertaken by the Secretariat in support of DI Plan management, further clarification and documentation of its role would be beneficial to ensure that decision making is at the appropriate level of accountability.

Role of PWGSC

The role of PWGSC is defined in Treasury Board's Policy on the Administration of the Public Service Pension Plan and Group Insurance and Other Benefits Programs. As per this policy, PWGSC is an information provider under the direction of the Secretariat; however, PWGSC's role as specified in the policy differs from that outlined in both the DPWGS Act and the Insurance Administration Manual. Both the DPWGS Act and the Insurance Administration Manual define PWGSC's role as that of providing administration and other services. The audit found that PWGSC is performing its role in accordance with the legislation and the Insurance Administration Manual. Nevertheless, its role in supporting administration of the DI Plan should be consistently defined to facilitate a common understanding.

Services provided by delivery stakeholders

It was noted that Memoranda of Understanding are not in place for OSFI or PWGSC regarding their roles vis--vis the Secretariat and the services to be provided. Such agreements would ensure that stakeholders clearly understand their roles and responsibilities in the delivery of the DI Plan and would support the Secretariat's role in monitoring DI Plan delivery.

3.1.3  Authorities and delegations for DI Plan Management

The audit identified the need to update authorities and delegations relating to DI Plan management. Specifically, current delegation instruments do not provide adequate delegation for DI Plan delivery stakeholders who perform activities on behalf of Treasury Board or the President of the Treasury Board. As part of efforts to address this issue, the Secretariat is currently reviewing and drafting new delegation instruments.

3.1.4  Knowledge and skills management

The audit also included a review of the overall processes in place to identify and maintain appropriate knowledge and skills in support of the Secretariat's roles, responsibilities and accountabilities in managing the DI Plan.

Identification of required knowledge and skills

The Pensions and Benefits Sector has identified the need to recruit employees with policy and strategic advisory backgrounds as well as employees with insurance and pension experience, where possible. These recruitment requirements were identified in the latest Human Resources Plan[6] and confirmed with Pensions and Benefits Sector officials. Recruitment of individuals with previous experience in the insurance and pension industries was highlighted as challenging.

In the latest Human Resources Plan, the Pensions and Benefits Sector has identified the following activities to strengthen the identification of required knowledge and skills and the recruitment of new employees:

  • Regularly reviewing Statements of Merit Criteria for key positions and obtaining input from the various communities in the private sector to help determine job requirements; and
  • Shifting the Pensions and Benefits Sector's recruitment strategy to explore new ways of recruiting from the private sector insurance and pension community.

There is evidence that, in a recent competition, the development of the Statement of Merit Criteria has taken into consideration the overall recruitment requirements identified in the latest Human Resources Plan. Given the complexity of insurance benefits programs such as the DI Plan, it would be beneficial to formally articulate specific recruitment needs and strategies so that these can be efficiently and effectively implemented.

Maintaining knowledge and skills

While standard and mandatory training requirements are not in place, the audit team was informed that Pensions and Benefits Sector employees are provided with opportunities to participate in a variety of in-house and external training related to insurance benefits programs in order to maintain and enhance knowledge and skills.

General training opportunities within the Secretariat

  • Secretariat Boot Camp

Training specific to insurance benefits programs

  • One-day, in-house training on Treasury Board's insurance benefits programs and how they operate; 
  • Training from other government departments that provide benefits programs;
  • Training from insurers; and
  • Certification from Humber College

Pensions and Benefits Sector employees indicated that sharing knowledge plays an important part in the execution of their roles and responsibilities. In support of knowledge sharing, the Pensions and Benefits Sector provides informal cross-training for employees for insurance benefits programs, as well as informal on-the-job training and continued support by more experienced staff.

In terms of succession planning, the Pensions and Benefits Sector identified a number of ongoing activities in the latest Human Resources Plan, as follows:

  • Identification of critical positions and back-up personnel;
  • Steps to address knowledge transfer in advance of employee departures; and
  • Provision of training to potential successors.

While a formal training program is not in place, there is evidence that Pensions and Benefits Sector employees have access to a number of training opportunities. Overall requirements for succession planning were outlined in the latest Human Resources Plan. However, there is a need to develop and implement formal tools and processes to support succession planning given the complexity of insurance benefits programs and the specialized skills required to manage them.

3.1.5  Conclusion—Roles, responsibilities and accountabilities

Roles, responsibilities and accountabilities are formally defined, and there is evidence of sufficient communication and understanding among delivery stakeholders. However, these roles, responsibilities and accountabilities are dispersed among a number of documents and require adjustment and clarification in some cases. Clearly defined roles, responsibilities and accountabilities are key to ensuring effective and efficient DI Plan management. They are critical to ensuring continuity when employees occupying key positions change employment or retire. 

Delegations and authorities are currently being reviewed, and new delegation instruments are being drafted.

While elements of a process are in place to identify and maintain the knowledge and skills necessary for DI Plan management at the Secretariat, an enhanced approach to recruitment and succession planning is necessary given the complexity and specialized skills required to manage the DI Plan.

3.2  Monitoring and oversight

3.2.1  Definition and communication of Disability Insurance Plan objectives

DI Plan objectives help ensure alignment of activities among delivery stakeholders and can provide an overall basis for monitoring.

The DI Plan objectives and related statements are contained in two documents posted on the Secretariat's website: the Disability Insurance Plan document and Treasury Board's Policy on the Administration of the Public Service Pension Plan and Group Insurance and Other Benefit Programs. Relevant excerpts from these documents are presented in Appendix 2.

The overall objective of the DI Plan is broadly defined in the Disability Insurance Plan document. DI Plan management objectives, such as those relating to accountability, transparency, decision making and minimizing errors, can be inferred from their inclusion in the above-mentioned Treasury Board policy and can be used to help guide monitoring activities.

3.2.2  Monitoring

The process for monitoring achievement of DI Plan objectives and compliance to relevant authorities is not formally defined. 

Even though they are broadly defined, the DI Plan objectives could provide a basis for ongoing monitoring of the DI Plan.

Regarding compliance, while there are no legislative requirements for the management of the DI Plan, other mandatory requirements are outlined in Treasury Board policy, Treasury Board directives, as well as in the insurance policy (contract).

While a monitoring process is not formally defined, the Pensions and Benefits Sector undertakes a number of monitoring activities in support of managing the DI Plan. These are largely focused on the activities of two delivery stakeholders, as follows.

Monitoring and reporting contractor activities

In monitoring contractor activities, the Secretariat is supported by the information it receives from Sun Life, the contractor.

We found that reporting requirements for the contractor have been clearly defined in the insurance policy (contract), including the provision of various reports at specific times that relate to the financial health of the plan. These include the following:

  • Monthly Financial Position Reports;
  • Annual Summary Financial Report including required exhibits;
  • Annual Detailed Financial Report including required exhibits; and
  • Asset Reports annually and as requested.

These reports are reviewed and analyzed at the macro level by the Pensions and Benefits Sector as a means to monitor the financial health of the plan. Since the intent of the audit was to determine whether a process exists for ensuring that DI Plan management objectives were met, the audit team did not assess whether the analysis was sufficient or adequate.

While we found that information provided by the contractor meets the requirements of the contract, this information is not verified consistently for accuracy by the Pensions and Benefits Sector. In particular, there is no payment verification conducted. The Pensions and Benefits Sector has initiated a financial audit of the contractor for the year ending December 31, 2007; however, the audit report has not yet been finalized. In addition, there is no confirmation that financial audits of the contractor will be repeated on an ongoing basis.

Monthly meetings are held with the contractor to review performance and to discuss issues that may arise in the delivery of the DI Plan. The minutes, prepared by the contractor and provided to the Secretariat, outline issues identified in managing the DI Plan and progress on their resolution.

As noted previously, the process of monitoring the achievement of DI Plan objectives is not formally defined. The absence of a formal framework that identifies key monitoring activities limits the ability of the Secretariat to determine whether the current monitoring activities are appropriate and sufficient in achieving the DI Plan management objectives.

Monitoring and reporting PWGSC activities

The audit found that regular meetings were not formally scheduled between the Secretariat and PWGSC to discuss specific aspects of PWGSC's role in DI Plan delivery.

However, meetings with PWGSC were held as required to discuss issues that impacted
DI Plan delivery. In addition, there was evidence that the issues identified were resolved through email exchanges or during meetings. If consultations with additional delivery stakeholders were required to resolve issues, there was evidence that this was done.

While formal reporting requirements exist for the contractor, they have not been defined for PWGSC. Therefore, the Secretariat does not receive pre-specified information from PWGSC on a regular basis for monitoring purposes.

PWGSC calculates and remits Treasury Board's employer share of premiums on behalf of the President of the Treasury Board to the contractor along with the employees' share. Treasury Board's share is ultimately charged to Treasury Board Vote 20—Public Service Insurance. However, detailed information regarding Treasury Board's share recovered by PWGSC and charged to Treasury Board Vote 20 has not been pre-defined to ensure that the Secretariat can assess whether the charge is appropriate and accurate. The availability of such information as the number of employees contributing Disability Insurance premiums, the amount of monthly employee deductions, and the amounts remitted to the contractor would facilitate the payment verification process at the Secretariat.

The audit team was informed that discussions with PWGSC have been underway since January 2010 to address the need for additional information.

3.2.3  Reporting process

In addition to reviewing the reporting process by external stakeholders (discussed in Section 3.2.2 as part of monitoring), the audit also examined DI Plan reporting from the following perspectives:

  • The Secretariat's reporting to Treasury Board; and
  • Internal reporting within the Secretariat.
Secretariat's reporting to Treasury Board

There is currently no mandatory or formal requirement for the Secretariat to report to Treasury Board on the DI Plan.

In addition to clarifying the role of the Secretariat in supporting Treasury Board (discussed in Section 3.1.2 of this report), articulation of clear reporting requirements to Treasury Board regarding DI Plan delivery would be beneficial given the Secretariat's role of managing the DI Plan on behalf of Treasury Board.  

Internal reporting within the Secretariat

The audit examined the extent of internal reporting within the Secretariat regarding
DI Plan delivery. It was found that internal reporting requirements have not been formally defined. Rather, reporting to Senior Management on the activities of the DI Plan has been done on an issues-driven basis.

3.2.4  Conclusion—Monitoring and reporting

While the Secretariat conducts numerous monitoring activities that are critical to DI Plan management, there is a need to develop a formal monitoring framework that defines key monitoring objectives, activities, frequency and responsibility. Such a framework would provide assurance that all necessary monitoring activities are being conducted at the appropriate times and in support of key aspects of DI Plan delivery.

Enhancements are also necessary for ensuring the accuracy of information relating to other DI Plan delivery stakeholders that is used for monitoring and decision-making purposes. This includes the verification of payments made to the contractor by PWGSC on behalf of the President of the Treasury Board.

Formal reporting requirements are in place between the contractor and the Secretariat, and the information provided meets the requirements of the contract. However, there is a need to formally define reporting requirements for all stakeholders involved in DI Plan delivery, including those internal to the Secretariat.

3.3  Risk management

As per the Treasury Board Risk Management Policy, federal departments are expected to:

  • identify the potential perils, factors, and types of risk to which their assets, program activities, and interests are exposed; and
  • analyze and assess the risks identified and design and implement cost-effective risk prevention, reduction, or avoidance control measures.

In assessing the Secretariat's management of risks relating to the DI Plan, the audit team reviewed a number of documents, such as the following:

  • Office of the Chief Human Resources Officer 2010–11 Business Plan;
  • Office of the Chief Human Resources Officer 2010–11 Human Resources Plan;
  • Business Impact Analysis, dated October 24, 2008;
  • Sector and directorate input to the Departmental Business Continuity Plan for Infrastructure Outages (October 30 and September 24, 2009).

These documents identified a number of risks and issues that could potentially hinder the Secretariat's capacity to perform its duties related to the DI Plan. The Pensions and Benefits Sector's input into the Secretariat's Business Continuity Plan for Infrastructure Outages involved a formal and systematic approach to risk management. However, other risks were dealt with in a less structured and complete manner, focusing largely on human resources-related issues.

In addition, the Pensions and Benefits Sector is performing financial risk analysis. Specifically, financial information provided by the contractor is reviewed, and trends and variance analysis is conducted.

However, there was no formal documentation of the identification, acceptance and mitigation of financial risks.

3.3  Conclusion—Risk management

A comprehensive and systematic process has not been formally defined for identifying, assessing and responding to the full spectrum of risks associated with managing the
DI Plan. Currently, a number of risks and issues relating to DI Plan management are identified and addressed through various means, such as the Business Continuity Plan for Infrastructure Outages, the annual business plan, and financial risk analysis performed by a senior advisor in the Pensions and Benefits Sector.

A formal risk management approach would include the identification and assessment of legal, operational, financial and reputational risks—from both internal and external sources—to be conducted on a periodic basis (at least once a year) and monitored. A formal response to risk would include the following:

  • Specific mitigation strategies and associated timelines;
  • Owners for each mitigation strategy; and
  • Communication of risks and strategies to relevant parties.

3.4  Contract administration

3.4.1  Supporting documentation—contract and amendment approvals

The original insurance policy (contract) with Sun Life for the DI Plan became effective in 1970. The contract was updated in 1997 and was followed by two amendments: the first effective in 2000, the second in 2007.

The audit team found that the documented justification on file for the most recent amendment was appropriate. However, similar support for the 1997 contract update and the first amendment was not available for review.

As per section 7.1(1) of the Financial Administration Act and in the absence of other formal delegation instruments, Treasury Board is the appropriate authority for approving the insurance policy (contract) and its amendments. However, the audit team found that the 1997 contract and subsequent amendments were signed by the President of the Treasury Board and in one instance the Chief Human Resources Officer. There is therefore a need to update either the approval process or the authorities relating to the DI Plan contract prior to proceeding with future changes to the existing contract. The audit team was informed that the Secretariat is currently reviewing and drafting new delegation instruments.

3.4.2  Contract oversight

As discussed in Section 3.2.2 (Monitoring and reporting contractor activities), the Secretariat undertakes a number of activities in support of monitoring the requirements of the contract. Specifically, the Pensions and Benefits Sector holds monthly meetings with the contractor to discuss issues. The Sector also monitors the financial health of the DI Plan through the review of reports provided by the contractor.

Overall, monitoring activities were found to be adequate to ensure that contract deliverables (e.g., financial reports) were provided by the contractor and that issues were resolved appropriately and in a timely manner. However, there are no other performance measures in place against which to assess the performance of the contractor. The Pensions and Benefits Sector is aware of this issue and has included specific performance measures in the recent retendering of another insurance benefits plan contract.

Regarding the level of documentation on file to support contract management, it was found that, overall, sufficient information was available on file for day-to-day contract administration. This included the following:

  • Information provided by the contractor as per the contract (e.g., financial reports, such as income statement); and
  • Documentation on the identification, monitoring and resolving of issues that arose.

3.4.3  Payment verification

Employer share of premiums

As mentioned earlier in the report, the cost of the DI Plan comprises monthly premiums paid to the contractor that are shared between the employer (85 percent) and the employee (15 percent). The scope of this audit was limited to Treasury Board's employer share of premiums only.

The audit team was informed that there is currently no process in place to confirm the accuracy of the Treasury Board's employer share of premiums against information provided by the contractor.

Claims administration fee

The contractor is paid a claims administration fee as outlined in the negotiated contract.

The audit team was informed that there is currently no process in place to confirm the accuracy of the claims administration fee.

Notwithstanding this, some degree of assurance has recently been provided regarding the claims administration fee paid to the contractor. Specifically, an external financial audit was conducted that provided an independent audit opinion on the annual financial reports of the DI Plan provided by the contractor for the year ended December 31, 2007. The financial audit included a review of the processes and controls supporting financial reporting and provided observations and recommendations on any identified deficiencies. The preliminary findings from that audit indicated that there were no issues regarding the accuracy of the information contained in the financial reports for that year, including the amount of claims administration fee paid to the contractor. However, the audit report was not finalized.  

3.4.4  Conclusion—Contract administration

There is evidence of contract oversight activity; however, the current contract does not contain specific performance measures against which to assess the contractor.

While file documentation regarding the day-to-day administration of the contract was found to be complete, some documentation in support of past contract changes was not available for review by the audit team. There is a need to ensure that key contractual documents and related justifications are retained on file in order to support decision making and to allow for adequate corporate memory when turnover occurs.

There is a need to update either the approvals process or the authorities relating to the DI Plan contract prior to proceeding with future changes to the existing contract. The audit team was informed that an updated delegation framework is underway.

A formal process is not currently in place to verify the accuracy of the employer share of premiums and claim administration fees against the information provided by the contractor.



4.  Overall Conclusion

A number of management control framework elements are in place to support the Secretariat's accountabilities in managing the DI Plan. Further improvements are required in order to:

  • clarify and update roles, responsibilities, accountabilities and authorities;
  • ensure that monitoring, reporting, and risk management processes are formal, systematic, and comprehensive; and
  • enhance and formalize recruitment and succession planning processes.

The assurance statement presented at the outset of this report reiterates this conclusion and provides details regarding the level of assurance and methodology.

5.  Recommendations

The following recommendations are directed to the Assistant Deputy Minister of the Pensions and Benefits Sector:

  1. Roles, responsibilities, accountabilities and authorities for the Secretariat and its DI Plan delivery stakeholders should be reviewed, clarified, adjusted where necessary, and summarized in a consolidated manner.
  2. Existing monitoring and reporting activities should be enhanced and formally defined to support DI Plan management. The monitoring aspect of such a framework should include the following:
    1. Definition of monitoring objectives, key activities and related responsibilities;
    2. Analysis of the accuracy and completeness of information provided by delivery stakeholders;
    3. Verification of payments related to the DI Plan;
    4. Measures to assess performance; and
    5. Documentation and retention requirements relating to DI Plan activities.
  3. Existing risk management activities in support of DI Plan management should be enhanced, formally defined, and implemented to ensure that risks are regularly identified, assessed, and mitigated in a comprehensive and systematic manner.
  4. Recruitment and succession planning processes should be enhanced and formalized to ensure that the necessary knowledge and skills related to insurance benefits programs are maintained.

A management response and action plan has been developed by the Secretariat and is presented in Appendix 3.



Appendix 1—Audit Criteria

Audit Objective

The audit objective was to assess whether an appropriate management control framework is in place within the Secretariat to effectively support activities related to the DI Plan.

Audit subobjective Audit criteria
1. Are roles, responsibilities and accountabilities clearly defined, and is there a process in place to ensure that employees possess the appropriate knowledge and skills to carry out their duties? [7]
  • Roles, responsibilities and accountabilities are clearly defined, documented and communicated. (Sources: Whitepaper on Plan Governance-2 and Core Management Controls—AC-1 and AC-4)
  • Pensions and Benefits employees involved in the management of DI Plan understand their respective roles, responsibilities and accountabilities; and the roles, responsibilities and accountabilities of the DI Plan delivery stakeholders. (Sources: Core Management Controls—AC-2)
  • A process is in place in the Pensions and Benefits Sector to identify and maintain the knowledge and skills needed for DI Plan management. (Sources: Whitepaper on Plan Governance-6 and Core Management Controls—LICM-4)
2. Is there a process, and are there controls in place to facilitate oversight?
  • A process is in place to assess whether DI Plan objectives are being met.[8] (Sources: Whitepaper on Plan Governance-1 and Core Management Controls—G-3, G-5, RP-3, ST-4, ST-16, ST-18)
  • A process is in place to report on the activities of the DI Plan. (Sources: Core Management Controls—G-6, ST-20)
  • A process is in place to ensure that the management of the DI plan is in compliance with legislative and regulatory requirements. (Sources: Whitepaper on Plan Governance-7 and Core Management Controls—ST-7)
  • A process is in place to ensure that the DI Plan is in compliance with legislative and regulatory requirements.[9] (Sources: Whitepaper on Plan Governance-7 and Core Management Controls—ST-7)
3. Is there a formal and systematic approach for identifying and assessing risks facing the DI Plan, and are there mitigation strategies to respond to identified risks?
  • A process is in place to ensure risks are identified, monitored and mitigated. (Sources: Whitepaper on Plan Governance-7 and Core Management Controls—RM-2, RM-4, RM-5)
4. Is there appropriate administration of the insurance policy (contract) between Sun Life and Treasury Board?
  • Contract and amendments are supported by documented justification and are approved by the appropriate authority. (Sources: Core Management Controls—AC-1, CFS-1)
  • Appropriate oversight of contractor activities is conducted (e.g., monitoring, ensuring deliverables are met, review of contractor performance, etc.). Periodic briefings are made to senior management regarding the contract, as appropriate. (Sources: Core Management Controls—AC-3, G-6, ST-20, ST-22)
  • Pensions and Benefits Sector monitors and analyzes payments to the contractor related to the DI Plan contract (i.e., examination of the processes used to verify payments.) (Sources: Core Management Controls—ST-16, ST-20)
  • Key documentation is on file to support contract management. (Sources: Core Management Controls—ST-12)


Appendix 2—Summary of Disability Insurance Plan Objectives and Related Statements

The objectives and related statements are contained in two documents posted on the Secretariat's website: the Disability Insurance Plan document and Treasury Board's Policy on the Administration of the Public Service Pension Plan and Group Insurance and Other Benefit Programs.

The documents contain the following objectives that relate to the DI Plan:

  • "The DI Plan is intended to provide a benefit which will supplement other disability benefits available under such plans as the Public Service Superannuation Act, the Government Employees Compensation Act, the Canada Pension Plan and the Quebec Pension Plan and will assure a reasonable level of income during periods of longer term disability." (Paragraph 3.1, Disability Insurance Plan document);
  • "The group insurance and other benefit programs (IBP) provides members and their dependants with various health, dental, disability, and insurance benefits including those provided under the Public Service Health Care Plan (PSHCP), the Public Service Management Insurance Plan (PSMIP), the Disability Insurance Plan (DI) and the Dental Care Plan (DCP), the Pensioners' Dental Services Plan (PDSP), the PS Income Benefits for Survivors of Employees Slain on Duty, and the High Risk Travel Compensation Policy."(Section 3.2, Policy on the Administration of the Public Service Pension Plan and Group Insurance and Other Benefit Programs).

In addition, a number of DI Plan management objectives can be inferred from Treasury Board's Policy on the Administration of the Public Service Pension Plan and Group Insurance and Other Benefit Programs, specifically under Sections 5.1 and 5.2:

  • The objective of this policy is to promote enhanced accountability and sound management practices in the administration of the PSPP [Public Service Pension Plan] and IBP [Insurance Benefits Plans].
  • The expected results of this policy are that:
    • Employees and members receive accurate and timely PSPP  and IBP information to assist them in making informed decisions;
    • Instances of government errors and associated liabilities are reduced;
    • Participating government organizations and separate agencies make remittances and provide pertinent data, in accordance with the PSPP and the IBP conditions and established timelines; and
    • Early and effective re-integration into the workplace of employees returning after a period of extended sick leave taking into account the employer's duty to accommodate employees with disabilities.


Appendix 3—Management Response and Action Plan

MANAGEMENT RESPONSE TO THE AUDIT OF THE MANAGEMENT OF THE PUBLIC SERVICE DISABILITY INSURANCE PLAN

The audit has confirmed the importance of work that is planned and underway to modernize the benefit plans. This work will ensure cost effective, well-managed health, dental and disability benefit plans that reflect current industry standards, including appropriate internal controls and procedures and risk management strategies while continuing to provide members with appropriate benefits.

Currently the Pensions and Benefits Sector is focusing on the renewal of the Public Service Health Care Plan (PSHCP) given its size and importance to members.  The PSHCP is the largest health care plan in Canada with Treasury Board Vote 20 employer expenditures in 2008-2009 totaling $660.8M compared to the $219.5M for the Disability Insurance (DI) Plan.  Since much of the work planned and accomplished to date for the PSHCP will apply to the other benefit plans, we will build on this work as we address the DI Plan audit recommendations. In terms of timelines, the new contract for the PSHCP will be operational on November 1, 2010 and we expect that we will be in a position to start addressing the action items for the DI Audit in early 2011. The management action plan has been developed to address the issues and recommendations in the internal audit report as described below, recognizing the interdependencies of activities and stakeholders.

Recommendation #1:

Roles, responsibilities, accountabilities and authorities for the Secretariat and its DI Plan delivery stakeholders should be reviewed, clarified, adjusted where necessary, and summarized in a consolidated manner.

Priority Ranking:  High

Management Action Completion Date Office of Primary Interest
Agreed. 

a. Review, identify, consult and document the roles, responsibilities, accountabilities, and key authorities for the Secretariat and its DI Plan delivery stakeholders.

December 2011 Assistant Deputy Minister, Pensions and Benefits Sector, OCHRO

Executive Director, Group Insurance, Policy and Programs, Pension and Benefits Sector, OCHRO 
b. Develop a consolidated document that will inform the development of memoranda of understanding (MOUs) with key stakeholders.
c. Review, develop and adjust authorities and operational process documents as required to reflect any revisions following the documentation of the roles, responsibilities, accountabilities and key authorities.
d. Establish MOUs with identified stakeholders in the delivery process that formalize their roles and the services provided.

Recommendation #2:

Existing monitoring and reporting activities should be enhanced and formally defined to support DI Plan management. The monitoring aspect of such a framework should include the following:

  1. Definition of monitoring objectives, key activities and related responsibilities;
  2. Analysis of the accuracy and completeness of information provided by delivery stakeholders;
  3. Verification of payments related to the DI Plan;
  4. Measures to assess performance; and
  5. Documentation and retention requirements relating to DI Plan activities.

Priority Ranking: High

Management Action Completion Date Office of Primary Interest
Agreed.
Clarification of the roles and responsibilities and the accountabilities as per above action item will provide the foundation to initiate the actions required to address this recommendation.
  1. Define, document and communicate monitoring and reporting objectives, key activities and related responsibilities for all stakeholders in accordance with DI Plan objectives
  2. Establish and implement a process to analyze the accuracy and completeness of information provided by delivery stakeholders and used for monitoring and decision-making purposes, including the monitoring and compliance of the MOUs with delivery stakeholders.
  3. Identify and enhance information requirements that will support on-going monitoring of the DI Plan.
  4. Define activities, frequency, and responsibility with respect to the verification of payments made to the contractor by PWGSC.
  5. Identify measures to assess DI Plan performance.
  6. Identify and document internal roles and responsibilities and reporting requirements.
  7. Identify documentation and retention requirements.
  8. Implement enhanced reporting, and documentation retention activities to support DI Plan management.
March 2012 Assistant Deputy Minister, Pensions and Benefits Sector, OCHRO

Executive Director, Group Insurance, Policy and Programs, Pension and Benefits Sector, OCHRO

Recommendation #3:

Existing risk management activities in support of DI Plan management should be enhanced, formally defined, and implemented to ensure that risks are regularly identified, assessed and mitigated in a comprehensive and systematic manner.

Priority Ranking: High

Management Action Completion Date Office of Primary Interest
Agreed.

a)  Determine resource requirements for ongoing risk management activities and prepare proposal for funding.
December 2010 Assistant Deputy Minister, Pensions and Benefits Sector, OCHRO

Executive Director, Group Insurance, Policy and Programs, Pension and Benefits Sector, OCHRO 
b)  Design a formal risk management process addressing legal, operational, reputational and financial risks involving both internal and external sources.  The process will include the development of procedures for the identification, assessment and response to risks. March 2011
c)  Implement the risk management process developed above to identify, assess, mitigate and monitor ongoing risks in a comprehensive and systematic manner. December 2011

Recommendation #4:

Recruitment and succession planning processes should be enhanced and formalized to ensure that the necessary knowledge and skills related to insurance benefits programs are maintained.

Priority Ranking:  Medium

Management Action Completion Date Office of Primary Interest
Agreed
  1. Review and identify gaps in current recruitment and retention activities including impact of classifications, targeting activities to specific subject matter and industry expertise, and benchmarking to other public and private organizations.
  2. Develop and implement targeted HR strategies to secure, retain and maintain resources with appropriate training and knowledge:
    • Ensure alignment with the Secretariat's HR Strategy 2008–11 which focuses on a robust resourcing strategy that enables enhanced recruitment and succession planning processes to ensure that the required knowledge and skills related to the insurance benefits program are maintained;
    • Use collective staffing actions and maintain pre-screened and interviewed applicant pool. Identify key positions to be vacated over the short, medium and long term;
    • Finalize the  implementation of a mentoring program that shares the knowledge, materials, skills and experience of mentors with new employees;
    • Hold workshops to provide an overview of PSMIP/DI Plan;
    • Develop an orientation manual and training to allow the transfer of specific job responsibilities and corporate knowledge; and
    • Review annual performance evaluations and learning plans of current employees to identify training and development needs to assume future key positions.

Annual

  • Convene annual meeting of senior managers to discuss talent management including topics such as development options for top talent, organization succession plans, and other critical workforce issues
April 2012 Assistant Deputy Minister, Pensions and Benefits Sector, OCHRO

Executive Director, Group Insurance, Policy and Programs, Pension and Benefits Sector, OCHRO 

[1]. As per the Secretariat's 2008–09 Departmental Performance Report, Treasury Board is a Cabinet committee of the Queen's Privy Council for Canada invested with a broad range of responsibilities for management excellence, policy development and budget oversight. As the general manager of the public service, Treasury Board has three key roles: the government's management board, the government's budget office, and employer of the core public administration.

[2]. As per section 11(1) of the Financial Administration Act, "core public administration" means the departments named in Schedule I and the other portions of the federal public administration named in Schedule IV of the Act.

[3]. The National Joint Council is an advisory body to the President of the Treasury Board on employee-employer matters. The Council is made up of representatives from the employer and the public service bargaining agents.

[4]. PricewaterhouseCoopers LLP described how traditional corporate governance principles are applied to retirement plans. While the described framework is for pension plans, the principles are applicable to other employee benefits plans.

[5]. Only the roles, responsibilities and accountabilities related to the delivery of insurance benefits programs were reviewed. Those related to ensuring that departments comply with Treasury Board's Policy on the Administration of the Public Service Pension Plan and Group Insurance and Other Benefit Programs were not analyzed.

[6]. The Office of the Chief Human Resources Officer Human Resources Plan for 2010–11.

[7]. Refinements were made to the subobjective to clarify the audit's focus on processes in place to support knowledge and skills.

[8]. The audit criterion was expanded during the audit to include the monitoring activities performed by the Pensions and Benefits Sector related to DI Plan delivery.

[9]. The audit criterion was expanded during the audit to include the process to ensure compliance to other mandatory documents, e.g., Treasury Board policy