The Trudeau years were defined by loud, clumsy overreach—the kind of massive, highly publicized legislative overhauls that invite immediate public backlash. The Carney administration, however, is characterized by something far more dangerous: the quiet, surgical removal of the friction of oversight. We are witnessing a fundamental recalibration of the executive branch, where the established principles of meritocratic competition and independent audit are being systematically replaced by managed alignment and executive discretion.
This is not happening through sweeping, highly debated legislation broadcast on the nightly news. It is happening in the shadows of the bureaucracy. It occurs through administrative realignments, internal directives, and the creation of special operating agencies that exist outside standard procedural firewalls. The government has effectively decided that parliamentary oversight is an obsolete obstacle to the velocity of modern governance.
When a state reorganizes its foundational architecture to prioritize internal speed over external accountability, it stops serving the public and starts serving itself. The administration’s quiet dismantling of independent checkpoints represents a structural shift toward a unitary executive model. They are building an architecture of discretion, designed explicitly to insulate the government from the consequences of its own administrative drift. A government that designs its own audits will never fail one, and a government that controls the regulatory gateways will never find itself locked out.
The Mirage of Sovereign Procurement
Consider the rollout of the Defence Industrial Strategy on February 17, 2026, and its much-touted "Build-Partner-Buy" framework. The official rationale presented by the government is that the framework serves a dual purpose: accelerating the delivery of critical military capability while driving domestic economic prosperity through preferential Canadian sourcing. It sounds suitably patriotic. It is a narrative built to appeal to our natural desire for sovereignty and national resilience.
But the mechanics of how this capital is deployed tell a very different story. The government is funneling unprecedented capital through the newly established Defence Investment Agency (DIA). Currently, the DIA operates as a Special Operating Agency nestled within Public Services and Procurement Canada (PSPC). While Minister of Government Transformation, Public Works and Procurement Joël Lightbound oversees the sprawling overarching PSPC portfolio, the direct political execution falls to Secretary of State for Defence Procurement Stephen Fuhr, alongside DIA CEO Doug Guzman.
However, they are not content to remain under the traditional departmental umbrella. Under Division 16 of Part 4 of Bill C-31, tabled just days ago on May 6, 2026, the government is moving to establish the DIA as a fully independent, stand-alone entity. This legislative maneuver completes the transition toward a closed-loop ecosystem of preferred domestic champions, and it represents the death of competitive price discovery.
The mechanism they are using to achieve this is the aggressive weaponization of an existing administrative loophole. Under the strategy, the government is systematically applying the National Security Exception (NSE) to set aside trade agreement obligations for domestic firms. The moment the NSE is invoked, the contract is immediately yanked outside the purview of the Canadian International Trade Tribunal Act. The CITT is legally barred from investigating the rationale or the merit of the procurement; it can only verify that the exception was procedurally invoked. By turning the NSE into a default operating procedure rather than a rare emergency measure, the government has effectively bypassed the only meaningful external oversight mechanism available to aggrieved vendors.
The magnitude of this spending is staggering. With Budget 2025 committing $81.8 billion to the Canadian Armed Forces by 2030, funneling this volume of capital through a discretionary framework designed to bypass external oversight is a recipe for generational fiscal waste. When the National Security Exception is used as a blanket shield for these transactions, we witness a massive structural exclusion of mid-tier, non-aligned vendors from the domestic supply chain. The national interest is now being defined, and audited, entirely within the procurement branch’s self-referential feedback loop.
We must apply a simple metric of success to the government's rationale. If this framework were truly about maximizing efficiency and accelerating the delivery of military capability, we would see rigorous, automated internal controls keeping pace with that increased velocity to ensure value for that $81.8 billion. Instead, the data collision is obvious: we see a deliberate effort to isolate the procurement apparatus from the friction of market-based solicitation. When a government removes the legal mechanisms that allow marginalized vendors to challenge contract awards, it is not securing the supply chain—it is securing vendor lock-in to avoid scrutiny.
The Internalization of Digital Infrastructure
We see the exact same philosophical drift in the management of our federal digital architecture. The government has operationalized a structural preference for administrative continuity over the rigorous price discovery mandated by the Financial Administration Act. By exploiting internal procurement guidelines, the executive branch has formalized vendor lock-in as its primary risk-mitigation strategy.
To understand this mechanism, we need only look at how the government manages massive technological deployments. A prime example is detailed in the Auditor General's Fall 2025 report regarding the Canada Revenue Agency Contact Centres. The government relied on an endless loop of contract amendments to dramatically inflate the scope of the contact centre solution without returning to the open market. The original telephony system contract with IBM, managed by Shared Services Canada (SSC), was awarded in 2015 for a minimum value of $50 million over 10 years. The Auditor General found that by June 2025, advanced contract amendments had pushed the value of this single contract to a staggering $190 million.
If this agile spending actually delivered capability, the expense might be justified. But the data collision here is brutal. The Auditor General found that despite the $190 million investment, callers were not even provided with basic real-time updates on their queue position, and a dismal 18 percent of callers reached an agent within the 15-minute standard. The ballooning contract did not buy agility; it bought incumbent stability. The government simply outsourced its brain trust and allowed the vendor to dictate the terms of its own perpetual employment.
This is not an anomaly; it is standard operating procedure. The Treasury Board’s Directive on the Management of Procurement, most recently updated on April 30, 2026, explicitly aims to "reduce reporting burden and streamline departmental reporting requirements." But beneath the veneer of streamlining lies a convenient insulation strategy. By re-characterizing substantive acquisitions and massive system overhauls as mere scope expansions under existing contracts, departments effectively insulate their digital infrastructure from the friction of competitive bidding. This alignment prioritizes the velocity of procurement over statutory accountability.
When a department relies on a single vendor for a critical digital service, and then repeatedly expands the scope of that contract under the guise of agile delivery, they are bypassing the core statutory directive for value extraction. The executive branch treats competitive bidding not as a legal requirement, but as an administrative inconvenience to be engineered around. The resulting absence of competitive tension manifests as a series of non-discretionary budget reallocations to cover escalating professional services costs. These costs are inevitably framed as the essential maintenance of critical digital architecture, a convenient narrative designed to preempt legislative audit and normalize the hemorrhaging of public funds.
Fiduciary Malpractice at the CRA
Nowhere is the cost of this administrative negligence more glaring than at the Canada Revenue Agency. On May 7, 2026, Privacy Commissioner Philippe Dufresne tabled a special report in Parliament confirming a staggering 42,755 individual cases of Unauthorized Use of Taxpayer Information by a Third Party since 2020. This was not a sophisticated technological defeat orchestrated by a hostile nation-state; it was a fundamental failure of institutional architecture and administrative duty resulting from entirely predictable credential stuffing attacks.
In a statement provided to BNN Bloomberg on May 7, 2026, the CRA attempted to defend its record, claiming it "continually takes steps to safeguard sensitive information against ever-evolving threats." That is their chosen narrative: a diligent agency battling unpredictable bad actors in a complex digital environment.
But if this were truly an agency taking rigorous, continuous steps to safeguard data, we would see a robust, centralized tracking system and the immediate adoption of basic security protocols to prevent repeat intrusions. The data collision here is catastrophic. The Privacy Commissioner’s report found that the CRA contravened the Privacy Act because it lacked the adequate monitoring to detect and promptly contain these breaches. The agency confessed to the watchdog that it had no single centralized repository for breach tracking, and could not provide details on every confirmed breach due to internal tracking limitations.
Furthermore, the Privacy Commissioner's report explicitly confirmed that the CRA did not make multi-factor authentication (MFA) a mandatory security measure until October 2021—years after it became a standard baseline for even the most trivial online consumer services. You cannot claim to continually safeguard sensitive information when you leave the front door unlocked and fail to track who walks out with the furniture. A government that demands perfect compliance from its citizens under threat of financial ruin, yet cannot be bothered to secure the very data it confiscates, has surrendered its moral authority.
Under the oversight of Minister of National Revenue François-Philippe Champagne and Acting Commissioner Jean-François Fortin, the CRA has optimized for mandate expansion—specifically, the high-velocity distribution of government benefits—while permitting its defensive infrastructure to remain in a state of managed atrophy. The agency has transitioned into a massive data custodian without adopting the requisite fiduciary protocols of a Tier-1 financial institution. This creates a permanent unfunded liability where the taxpayer subsidizes the cost of systemic administrative negligence through class-action settlements, remediation, and the inevitable erosion of the social contract.
The Final Alignment
The Carney administration's defense of this structural drift is entirely predictable. They insist that these moves are about agile governance and protecting Canadian sovereignty. They argue that the complex realities of 2026 require the executive branch to move with a velocity that traditional, multi-agency oversight cannot accommodate. Speed, they claim, is the ultimate virtue of the modern state.
But the evidence tells a different story. The deliberate removal of external checks and balances does not produce agility; it produces blind spots. When you connect the data points—the $81.8 billion defense fund shielded from the trade tribunal by the National Security Exception, the $190 million digital contracts insulated by perpetual SSC amendments, and the CRA's 42,000 unmanaged privacy breaches—the architecture becomes entirely visible. This is not a series of isolated bureaucratic failures.
It is a cohesive, intentional strategy of administrative centralization designed to permanently insulate the executive branch from consequence. They are building a system where their discretion is absolute, and your recourse is non-existent.
The Hammer will be watching.
