Language selection


Avoiding complicity in mistreatment by foreign entities: Annual report

Table of contents


The Canada Border Services Agency (CBSA) was established by the Canada Border Services Agency Act and is an integral part of the Public Safety Portfolio.

The Agency is responsible for providing integrated border services that support national security and public safety and facilitate the free flow of persons and goods. Information sharing with domestic and international partners is essential for the successful execution of its mandate and mission.

This report is presented to the Minister of Public Safety and Emergency Preparedness (the Minister) in accordance with subsection 7(1) of the Avoiding Complicity in Mistreatment by Foreign Entities Act (ACA, or ‘the Act'). It provides an overview of the agency's information sharing practices; implementation of an updated policy in support of the Order in Council (the OiC) – Directions for Avoiding Complicity in Mistreatment by Foreign Entities, and the number of substantial risk cases and restrictions to any written arrangement or agreement due to concerns of mistreatment for the period of to .


The Act came into force on and requires the Governor in Council to issue written directions to deputy heads regarding:

On , the Governor in Council, on the recommendation of the Minister, pursuant to paragraph 3(2)(f) of the Act, issued the OiC Directions for Avoiding Complicity in Mistreatment by Foreign Entities to the President of the CBSA.

Every deputy head to whom directions have been issued must, before March 1 of each year, submit to the appropriate Minister a report in respect of the implementation of those directions during the previous calendar year.

Information sharing practices and written arrangements and agreements

The CBSA relies on information to execute its border management responsibilities safely and efficiently. The Agency collects, retains, and shares information strictly within the parameters of its border management mandate, as set out by CBSA program legislation.

The CBSA's information sharing activities can be characterized as follows:

Although the CBSA has numerous partnerships and manages a substantial amount of information, given the context described above, its administrative information sharing activities are generally low-risk in terms of possible association with mistreatment.

The CBSA recognizes that one of its key responsibilities is to be a steward of the information in its control. In line with the OiC, the CBSA continues to implement measures to enhance its management of information sharing activities.

Implementation of the directions

Updated policies, guidance, and procedures

The CBSA published its Policy on the Order in Council to the CBSA: Avoiding Complicity in Mistreatment by Foreign Entities (the policy) on September 1, 2022. The updated policy replaced the previous Policy and Operational Guidelines pertaining to the 2017 Ministerial Directive (MD) to the CBSA.

Under the policy, CBSA officials are directed to consult the Information Sharing & Collaborative Arrangements Policy (ISCAP) Unit for general information sharing questions and the Intelligence and Targeting Operational Support (ITOS) Unit for questions pertaining to the risks associated with disclosing, requesting, or using information from a specific international entity.

The policy is located within the CBSA's Information Sharing Toolkit and is accessible to employees across the Agency via the CBSA intranet. Pursuant to recommendations made in the National Security and Intelligence Review Agency's (NSIRA) Review of Departmental Implementation of the ACA, the CBSA updated the policy to include the unabridged definition of “substantial risk” that was provided in the MD.

As per best practices, an agency-wide awareness campaign including formal communications regarding the release of the policy, was conducted. ISCAP is preparing additional awareness and outreach activities that will take place across the Agency over the next calendar year.

The Network Operational Reporting and Information Sharing Unit (NORIS), under IOD, provided guidance to CBSA officials regarding best practices and conducted quality assurance for LOs' information disclosure records to enhance quality documentation, as per the Review of Departmental Implementation of the ACA. NORIS also coordinated with subject matter experts and LOs to address queries related to ACA information sharing requests concerning various foreign entities. Activities in this area included consultations with ISCAP and the ITOS units.

Various other working tools and processes to support implementation are ongoing.

Interdepartmental coordination

While developing and maintaining the policy in support of the OiC, the CBSA has ensured that it is applying a compatible and complementary approach to that of other federal partners in terms of how it assesses risk associated with its information sharing activities with foreign entities.

In line with this approach, the CBSA continues to be an active participant in the Public Safety-led Information Sharing Coordination Group (ISCG). The ISCG is the primary interdepartmental forum for supporting interdepartmental collaboration and information sharing between members as they implement the Act and the corresponding Directions.

The three primary objectives of ISCG are to:

Over the course of the calendar year, the CBSA also established operational working groups with IRCC to ensure a collaborative operational approach to risk assessment capacity building.

Country profiles

The CBSA's Intelligence Collection, Analysis and Production (ICAP) Division develops and maintains Serious Inadmissibility & Mistreatment Country Assessments (SIMCAs). SIMCAs capture and reflect the security, organized crime and human rights environment in identified countries of concern.

SIMCAs provide the basis for the CBSA's Country and Foreign Entity Mistreatment Risk Assessment process as part of its responsibilities under the ACA and related OiC.

The mistreatment risk assessment (MRA) process assesses the country or entity risk rating in relation to the ACA. SIMCAs are considered for each MRA.

CBSA officials are instructed to contact the ITOS Unit if they have questions pertaining to the risk levels of certain countries.

Risk mitigation and mistreatment risk assessment

The CBSA establishes the level of the risk associated with a given information sharing activity by simultaneously considering the level of mistreatment risk associated with the intended recipient of the information, as well as the sensitivity of the information to be disclosed. Information sharing activities may only proceed in cases where there is no substantial risk of mistreatment, and/or risks that might be present can be adequately mitigated.

During the calendar year, the ITOS Unit focused on further strengthening the CBSA's existing mistreatment risk assessment methodology. The improved process involves extensive utilization of transparent risk assessment benchmarks, as well as interviews and consultation within the LO network for direct input.

Senior Management Risk Assessment Committee

In instances where there is substantial risk that cannot be mitigated at the working level, but there is a desire for an information sharing activity to proceed, the ITOS Unit will convene a Director General-level Senior Management Risk Assessment Committee (SMRAC) meeting and accordingly prepare a risk assessment package for consideration.

The risk assessment package includes the ACA Consultation Request Form, SIMCA, the Mistreatment Risk Assessment (MRA), the ITOS Unit operational determination, and any additional related documentation or research. Consultations with Departmental Legal Services, ISCAP, and ICAP are to be conducted in order to ensure all relevant input is incorporated into the risk assessment package.

SMRAC processes the available information in order to determine if a given information sharing activity may result in mistreatment, or if information may have been derived through some form of mistreatment. In exceptional circumstances, SMRAC may refer the decision to the President for action. It should be noted that no cases were referred to the President during the calendar year.

After considering the information contained within the package, there are four potential outcomes:

  1. If SMRAC determines that the information sharing with a foreign entity is not likely to lead to the mistreatment of an individual, or if the information received from an entity was likely not obtained as a result of mistreatment, SMRAC will provide a positive information sharing opinion, indicating that the information may be shared or used.
  2. If SMRAC determines that information sharing with a foreign entity may result in a substantial risk of mistreatment, or if there is a risk that the foreign entity obtained the information as a result of mistreatment, but these risks have been sufficiently mitigated, SMRAC will provide a positive information sharing opinion, indicating that the information may be shared or used.
  3. If SMRAC determines that information sharing with a foreign entity will likely lead to the mistreatment of an individual, or it is likely that the information received from a foreign entity was obtained as a result of mistreatment, SMRAC will provide a negative information sharing opinion, indicating that the information cannot be shared or used.
  4. In the event that SMRAC is unable to reach a decision as to whether or not the information sharing activity could result in a substantial risk of mistreatment, or if they are unable to determine if the foreign entity had obtained the information as a result of mistreatment, SMRAC will refer the case to the President of the CBSA for consideration.

Notwithstanding the outcome of SMRAC deliberations, the ITOS Unit will prepare a record of decision and provide it to the CBSA official who had initially requested their assistance.

If it is determined that the CBSA will not release the information, a draft response explaining the decision is provided by the ITOS Unit to the originating CBSA official for furtherance to the requestor. In cases where the disclosure is approved, the originating CBSA official will proceed with the information release or exchange.

SMRAC process complements existing CBSA information sharing policies and procedures in order to maximize operational efficiency while ensuring that the CBSA adheres to the requirements of the OiC.


The CBSA provides general information sharing training online and in-person to employees.

CBSA officials regularly involved in information sharing activities, or those whose responsibilities may bring them into information sharing scenarios, have access to additional information sharing training tailored to their particular roles and responsibilities. This approach ensures that training received is commensurate with the level of potential risk associated with a given role.

During , IOD's Functional Development team administered the LO Induction Training Program, which includes a section dedicated to the ACA. This training was delivered by subject matter experts within NORIS and ISCAP.

ISCAP is currently updating the online “Introduction to CBSA Information Sharing Training” to include expanded content related to the ACA. The updated training, which is included in the CBSA's national training standard, will emphasize the fact that the ACA must be considered in any information sharing activity with any foreign entity, and will direct users to relevant guidance and applicable working tools.

Activity Report

This report describes OiC related activities undertaken by the CBSA between and .

Engagements of the OiC

Per the table below, within the aforementioned reporting period, the CBSA had no cases of disclosure, request, or use of information requiring additional risk assessment or referral for Presidential Determination.

Cases of Substantial Risk for the Period to
Type of case: Disclosure of information Request for information Use of information
Number of cases requiring Deputy Minister Determination: 0 0 0

Restriction of arrangements

The CBSA did not have any cases of restrictions being applied to any written arrangement or agreement due to concerns related to mistreatment within the aforementioned reporting period.

Date modified: