Annex to the statement of management responsibility including internal control over financial reporting RCMP fiscal year 2024–2025
On this page
List of acronyms and abbreviations
- COSO
- Committee of Sponsoring Organizations of the Treadway Commission
- FAA
- Financial Administrative Authorities
- IM
- information management
- IT
- information technology
- RCMP
- Royal Canadian Mounted Police
- TCA
- tangible capital assets
List of tables
1. Introduction
This document provides summary information on the measures taken by the Royal Canadian Mounted Police (RCMP) to maintain an effective system of internal control over financial reporting, including information on internal control management, assessment results and related action plans.
Detailed information on the RCMP’s authority, mandate and core responsibilities can be found in the 2024–2025 Departmental Plan and the 2024–2025 Departmental Results Report.
2. RCMP’s system of internal control over financial reporting
2.1 Internal control management
The RCMP recognizes the importance of setting the tone from the top and helps ensure that staff at all levels understand their role in maintaining an effective system of internal control over financial reporting and are well equipped to exercise these responsibilities effectively. The focus of the RCMP’s internal control management framework is to ensure risks are managed through a responsive and risk-based control environment that enables continuous improvement and innovation.
The RCMP has a well-established governance and accountability structure to support departmental assessment efforts and oversight of its system of internal control. The RCMP’s internal control management framework includes:
- Organizational accountability structures to support sound financial management, including roles and responsibilities of senior managers for key areas of responsibility, as related to internal control management
- Values and ethics (RCMP renewed its Core Values through consultation in 2023-2024)
- Ongoing communication, including training on statutory requirements, policies and procedures, for sound financial management and control
- A centralized internal control team, supported by regional units within the Corporate Management portfolio dedicated to the documentation, design and operating effectiveness of internal control over financial reporting under the Chief Financial Officer
- Periodic monitoring of, and regular updates to, internal control management, as well as the provision of related assessment results and action plans to the Commissioner and senior management through committees and, as applicable, the Departmental Audit Committee
The Departmental Audit Committee provides advice to the Commissioner on the adequacy and functioning of the RCMP’s risk management, control and governance frameworks and processes.
2.2 Service arrangements relevant to financial statements
The RCMP relies on other organizations for the processing of certain transactions that are recorded in its financial statements, as follows:
Common service arrangements
- Public Services and Procurement Canada administers the following:
- The payments of salaries and benefits under two different pay systems: Phoenix for public service employees and Member Pay System for regular and civilian members of the RCMP
- The procurement of goods and services in accordance with the RCMP’s Delegation of Authority, and the provision of accommodation services
- The issuance of Receiver General payments and the processing of Interdepartmental Settlements on behalf of the RCMP via the Standard Payment System
- The Treasury Board of Canada Secretariat provides services related to public sector insurance for public service employees of the RCMP and centrally administers payment of the employer’s share of contributions toward statutory employee benefit plans (the Public Service Pension Plan, Employment Insurance Plan, Canada Pension Plan, Quebec Pension Plan and Public Service Supplementary Death Benefit Plan) on behalf of the RCMP;
- The Department of Justice Canada provides legal services to the RCMP; and
- Shared Services Canada provides information technology (IT) infrastructure services to the RCMP in the areas of data centre, network and telecommunication services.
The annexes of the above-noted departments could be reviewed to obtain a greater understanding of the systems of internal control over financial reporting related to these specific services.
Specific arrangements
- Public Services and Procurement Canada, under a service level agreement, provides day-to-day pension administration services for members, including determining the eligibility and the calculation of pension benefits, providing call centre support, and providing information to Plan members and providing pension payroll services
- Veterans Affairs Canada, under a Memorandum of Understanding, administers some of the programs and services that the RCMP is responsible to provide to its members, including the disability pension and health benefit programs for a service-related injury, illness or death, pursuant to Part II of the RCMP Superannuation Act and the Pension Act. Veterans Affairs Canada also provides transition support, case management, and access to the network of Operational Stress Injury Clinics and Veterans Affairs Canada Assistance Service to eligible members.
3. Departmental assessment results during the 2024–2025 fiscal year
3.1 The following tables summarize the assessment areas where key controls were tested in 2024–2025
| Previous fiscal year’s rotational ongoing monitoring plan for the current fiscal year | Status |
|---|---|
| Payroll and benefits – Members | Complete; Management Action Plan being developed and work is underway to implement |
| Tangible Capital Assets table 1 note 1 | Narratives are substantially advanced. Testing expected to be completed by end of 2025-2026 |
| IT general controls under departmental management | Testing ongoing (33% completed) |
| Cybersecurity | Complete; no significant deficiencies were found |
| Procure to Pay | Drafting narrative |
| Acquisition Cards | Drafting narrative |
| Delegation of Financial Signing Authorities | Drafting narrative |
| Sensitive Expenditures | Drafting narrative |
Table 1 notes
|
|
| Financial management business process | Risk assessment and documentation | Design effectiveness testing and recommendations provided to process owner for remediation | Operational effectiveness testing and recommendations provided to process owner for remediation |
|---|---|---|---|
| Project management (real property) | Complete | Complete | Complete |
| Costing | Complete | Complete | Complete |
| Budgeting and forecasting | Complete | Complete | Complete |
| Treasury Board submissions including Chief Financial Officer attestation | Complete | Complete | Complete |
| Investment planning table 2 note 1 | Complete | Complete | Complete |
| Project management (IM/IT) | Complete | Complete | Complete |
Table 2 notes
|
|||
Ongoing monitoring program
Extensive work has been performed on the above-mentioned assessments (see previous two tables - Departmental Assessment Results). For the most part, the key controls tested performed as expected, but some remediation is required. For example, within the Payroll and benefits – Members process, no documented process was available that articulated the Financial Administrative Authorities (FAA) requirements, even though approvals were being performed. We have recommended remediation and management is developing action plans to mitigate risk. Overall, while high risk observations were noted, work is underway to remediate, and no material misstatements were found. Additionally, significant progress has been made on monitoring the implementation of Management Action Plans from prior years.
3.2 Significantly amended key controls
When the Budgeting and Forecasting business process was assessed in 2023-2024, the Internal Control Assessment Unit recommended that a key control be enhanced to ensure that budget holders spend funds within their authority. During 2024-2025, hard availability controls were implemented in RCMP’s financial system for the commitment budgets across all votes. The controls were designed to look at the available free balance within the system in order to enhance the FAA section 32 authority.
4. Departmental action plan for the next fiscal year and subsequent fiscal years
The RCMP’s rotational ongoing monitoring plan over the next five fiscal years is shown below in the table. The ongoing monitoring plan is based on:
- an annual validation of high-risk processes and controls
- resource availability
- related adjustments to the ongoing monitoring plan, as required
Some business processes are assessed over two fiscal years due to their size (number of sub-processes) and complexity.
In addition to the ongoing monitoring plan, the RCMP is in the process of finalizing a full risk assessment of its internal controls over financial management processes, which is substantially completed. Based on the results of this assessment, the financial management processes will be added to the ongoing monitoring plan to reassess control performance on a rotational basis based on risk.
| Key control area | 2025–2026 | 2026–2027 | 2027–2028 | 2028–2029 | 2029–2030 |
|---|---|---|---|---|---|
| Entity-level controls | No | Yes table 3 note 1 | Yes table 3 note 1 | Yes table 3 note 1 | Yes table 3 note 1 |
| IT general controls under departmental management | Yes table 3 note 2 | Yes table 3 note 2 | Yes table 3 note 2 | Yes table 3 note 2 | Yes table 3 note 2 |
| Operating expenses and accounts payable | |||||
| Procurement to Pay (external vendors) | Yes | No | No | No | Yes |
| Acquisition Cards | Yes | No | No | No | No |
| Priority Cheque Printing sites | Yes | Yes | No | No | No |
| Fleet Cards | No | Yes | Yes | No | No |
| Travel | No | No | Yes | Yes | No |
| Vendor Master File Maintenance | No | Yes | Yes | No | No |
| Interdepartmental Settlements Transactions | No | No | Yes | Yes | No |
| Relocation - Members | No | Yes | Yes | No | No |
| Relocation - Public Service Employees | No | Yes | Yes | No | No |
| Journal Vouchers | No | Yes | No | No | No |
| Sensitive Expenditures | Yes | No | No | No | No |
| Revenues and Accounts Receivable: | |||||
| Policing Services | No | No | Yes | No | No |
| Firearms licence fees | No | No | Yes | No | No |
| Other Revenues | No | No | Yes | No | No |
| Employee Advances | Yes | No | No | No | No |
| Receivables - External Parties | No | No | Yes | No | No |
| Payroll and benefits – Members | No | No | No | Yes | No |
| Payroll and benefits - Public Service Employees | No | Yes | Yes | No | No |
| Financial reporting | No | No | Yes | No | No |
| Tangible Capital Assets | Yes | No | No | Yes | Yes |
| Vote 15 Disability Benefits - Members Injured on Duty | No | No | No | Yes | No |
| Vote 15 Health | No | No | No | Yes | No |
| Inventory | No | No | Yes | No | No |
| Pension Plan liabilities | No | No | No | Yes | No |
| Departmental Financial Signing Authorities | Yes | No | No | No | Yes |
| Treasury Board Submissions and Chief Financial Officer Attestation | No | No | No | Yes | No |
| Project Management: Real Property | No | No | Yes | No | No |
| Costing | No | No | No | Yes | No |
| Budgeting & Forecasting | No | No | No | No | Yes |
| Investment Planning | No | No | No | No | Yes |
| Project Management: IM/IT | No | No | No | No | Yes |
Table 3 notes
|
|||||
- Date modified: