Executive Vice-President's Transition Binder 2019
CBSA Assessment and Revenue Management Branch (CARMB)


The CARM is a major transformation project to modernize the CBSA's commercial systems and business processes used to assess imported goods and manage the associated revenue. While CARM has a significant technology component – it is much more than an IT project. The scope of CARM also encompasses:

Vision statement

The vision of CARM is to deliver a globally-leading customs experience that is customer-centric, facilitates legitimate trade, improves compliance and revenue collection, and contributes to securing the borders of Canada.

Vice-President biography

Lisa Anawati joined the CBSA in as Vice-President of the CBSA CARM Branch.

Prior to joining the CBSA, Lisa was with the Canada Revenue Agency (CRA) where she was Acting Deputy Assistant Commissioner, International, Large Business and Investigations Branch. Her other positions at the CRA included Director General, International and Large Business and Director General, GST/HST. Lisa has extensive experience in both GST/HST tax and tax service audit operations.

Lisa has a degree in Business Administration from the University of New Brunswick. She is also a Chartered Professional Accountant / Certified Management Accountant and holds a certificate in Public Sector Leadership and Governance from the University of Ottawa.

Overview of CARM

Image description

Did you know?

CBSA collects $32 billion in taxes and duties for the Government of Canada each year-the second largest revenue collector after Canada Revenue Agency.

As goods are imported into Canada, they need to be tracked and valued so that taxes and duties can be collected.

Why is CBSA changing?

CBSA is changing to reduce substantial paperwork, update aging computer systems and alleviate cumbersome processes.

What is the CBSA doing?

CARM is an IT-enabled business transformation: modernizing information requirements, processes and systems which will improve the import accounting making it simpler, easier and cheaper.

What is the project timeline?

What is the cost and benefits?

The project will cost $371 million and is expected to generate $2 billion.

Why will the project succeed?

The project success is based on change enablement, the development and execution of transitions plans, an innovative contracting approach, substantial stakeholder engagement, independent reviews that will be conducted at different stages of the project as well as on the dedication of its Vice-President.

What are the benefits of CARM?

CARM includes 18 core processes

Image description

This graphic provides an overview of the 18 CARM core processes occurring at the 3 different stages of the commercial continuum, including Pre-Arrival, Accounting and Post-Accounting. 9 of the processes occur only at one of the commercial continuum stages, 4 can occur at two different stages and 5 occur at all 3 stages. Listed below are the 3 stages of the commercial continuum and the related core processes.

Stage 1: Pre-Arrival

Stage 2: Accounting

Stage 3: Post-Accounting

Work streams

The CARM Branch is comprised of four (4) divisions and nine (9) work streams operational throughout the implementation stage, beginning and to be completed in . The project work streams, in combination with its service delivery partners include the following:

What CARM is doing

Key deliverables (2019-2020)

Completion of detailed design sessions

Working jointly with Business, Solution Delivery and CBSA Subject Matter Experts, CARM is leading a series of Detailed Design Sessions to resolve open items, identify detailed design considerations and validate any key decisions required for the build and implementation of the CARM solution.

Build preparations for upcoming releases (including)

Testing and deployment

Coordinate CARM build, test and deployment planning with CBSA ISTB and external stakeholders (SSC, integration with OGD, cloud provider).

Business readiness

Identify Business Readiness Leads from each of the key impacted business areas (e.g. Commercial and Trade). Each Lead will develop their own plan and need to identify resources (i.e. members of their Business Readiness Working Group) to support the execution of that plan.

Implementation and deployment

CARM capabilities are being deployed over three releases, balancing risk, change burden and earliest achievement of benefits.

  1. Release 0 – ARL lift and shift
    ARL will be re-platform to the latest technology (SAP S/4 HANA) and hosted within the cloud environment.
  2. Release 1 – Initial online portal
    Introduction of the internal portal which will set the foundation for case management; and external portal, which will provide basic functionality for tariff calculation, HS code lookup, account information, payment processing and advance ruling requests.
  3. Release 2 – Core CARM
    Deliver the remaining CARM functionality, which includes the transition of functionality from CBSA legacy systems to the CARM solution.

CARM release plan

Image description

In the implementation Stage CARM will be deployed in two main phases; the “lift-and-shift” of the ARL system (Release 0) onto the latest s/4 HANA technology, and then an initial release of the External Portal (Release 1) and the release of the full Core CARM capabilities (Release 2).

The table shows each CARM capabilities and the related component(s) planned implementation.

ARL; Migration to S/4 HANA to be deployed in April 2020, Release 0 Go-live followed by an hyper car period ending in July 2020.

1. Client Registration and Program Enrollment to be deployed in April 2021, Release 2 Go-live, followed by an hyper care period ending in July 2021.

2. Customs tariff and rulings information; online tariff book classification tool to be deployed in September 2020, Release 1 Go-live, followed by an hyper care period ending in January 2021.

3. Assessment/reassessment processing; digital B2/B3 (CCS replacement) to be deployed in April 2021, Release 2 Go-live, followed by an hyper care period ending in July 2021.

4, 5, 6. Client account invoicing, payment processing, collections; online payments, invoicing to be deployed in September 2020, Release 1 Go-live. The automated billing, Offsetting, collections to be deployed in April 2021, Release 2 Go-live followed by an hyper care period ending in July 2021.

7. The financial Management and Internal Controls capability, is addressed in each release. The current internal controls will be migrated with R0 and new internal controls identified as part of detailed design will be implemented with Release 1 and Release 2.

8. Client account management: internal portal account view to be deployed in September 2020, Release 1 Go-live followed by an hyper care period ending in January 2021.

9. Online client self-service (external portal); initial portal (SOAs, reporting) to be deployed in September 2020, Release 1. The online assessments and reassessments to be deployed in April 2021, Release 2 Go-live followed by an hyper care period ending in July 2021.

10, 11, 12. Reporting and analytics (compliance, trade data, trade fraud); CARM reporting, EDW integration to be deployed in April 2021, Release 2 Go-live followed by an hyper care period ending in July 2021.

13. Case management; online case management to be deployed in April 2021, Release 2 Go-live followed by an hyper care period ending in July 2021.

14. Financial Security Program Management; Security program changes to be deployed in April 2021, Release 2 Go-live followed by an hyper care period ending July 2021.

CARM governance

The objective of The CARM Project Governance is to support the successful attainment of business outcomes within scope, time and cost by ensuring that appropriate processes and controls for managing the CARM Project are in place. CARM governance will also ensure that accountability for project outcomes is transparent, and that the project conforms to CBSA and GC reporting requirements.

Image description

This graphic provides an overview of the CARM governance structure under the Treasury Board Secretariat oversight. The structure is comprised of 5 type of governance bodies. Project Execution, Project Engagement, Project Governance, Policy Governance and Technology Governance.

The Project Execution, falls under direction of the CARM VP and CARM DG respectively. It consist of a day to day execution which includes, the CARM Delivery Team, the CARM Leadership Team and the Project Change Control Board who are Co-Lead by Deloitte and CBSA and for which CBSA is Accountable.

The Project Engagement consists of the CARM Stakeholders Consultation and Engagement Networks (internal and external) co-lead by Deloitte and CBSA and for which CBSA is Accountable. The CARM Business Readiness Implementation Board led by CBSA and attended by Deloitte on request. The Agency Revenue Management Advisory Board chaired by the President and to which Deloitte is a non-voting standing member. The Agency Revenue Management Advisory Board is the senior project advisory committee for CARM; it includes other government department and industry representatives.

Project Governance includes the CARM Project Board to which Deloitte is a non-voting standing member. The CBSA Financial and Investment Management Committee at which Deloitte attends with CBSA partner at CBSA request and the CBSA Executive Committee.

The Policy Governance consist of the Executive Policy Committee.

Technology Governance includes the SLMF Operations Management Board Committee, the SLMF Engineering Board Committee, SLMF Release Management Board Committee, SLMF Service Management Board and the TBS CIOB Enterprise Architecture Review Board. Deloitte attends with CBSA partner at CBSA request.

CARM's timelines, costs and benefits


$371.5M and $36.5M Ongoing Maintenance including HST


Resource profile 2019-2020



High risk

Risk CARM net benefits impacted by external stakeholder resistance to CARM changes and/or timelines

Description: Risk that large, diverse external stakeholder population with divergent interests may create resistance to proposed changes that may limit transformation, require unanticipated effort/investment and/or delay implementation, undermining the net benefits of CARM.

Mitigation: Planned CARM Project external stakeholder engagement and communication activities such as TCP Working Groups are being executed as part of the Design Stage activities, and will continue throughout the project. Early escalation to VP and DG CARM of arising concerns.

Rating: 6

Medium risk

Risk that leg/reg changes will not keep pace with CARM release 2

Description: Risk that regulatory and/or legislative changes desired for CARM cause project delays or delays for implementation of individual capabilities in Release 2 given the long lead time required for leg/reg changes. Program Authority reviews of CARM Release 0 and Release 1 have been completed and have found no regulatory or legislative changes are required for either release.

Mitigation: Additional project resources have been applied to investigate and define approach for changes to policies, regulations, and legislation. Strategic Policy Branch and others socialized of CARM needs. Identification of options and short term work arounds to provide administration relief.

Rating: 4

Risk internal stakeholders unable to support the amount of change (transformation) within CARM timelines

Description: Risk that internal stakeholders may be unable to support the amount of change (transformation) CARM will bring within the CARM timelines.

Mitigation: Early and continuous engagement with internal stakeholders planned throughout the CARM lifecycle. Development of plans to consider internal stakeholder "change burden" and capacity.

Rating: 3

Dependency on SSC for ground to cloud

Description: There is a dependency on SSC for ground to cloud. Secure Cloud Enablement and Defense (SCED) (SSC Initiative) will provide a secure ground to cloud connection. SCED is a new initiative, and is planned to be operational by . This aligns to the implementation plan, but no delay can be absorbed.

Mitigation: (Update – ) In the event that Plan A, SCED do not materialize as scheduled, SSC's Plan B, a VPN and/or native Direct Connect is available to test non-protected B data. A decision from CBSA to proceed with Plan B is needed by the end of May due to timing. Team Deloitte has also developed a Plan C, Option – Internet that minimises dependency on SSC. Two other departments dependent on SCED before CBSA.

Rating: 3

Date modified: