When the Mass Casualty Commission (MCC), the public inquiry into the deadliest rampage in Canadian history, tried to get documents from the Royal Canadian Mounted Police (RCMP), it ran into a wall. The commission later described the experience as dealing with "pervasive and massive scale of disclosure challenges". It wasn't just slow, it was chaotic. The materials that did arrive required "significant time to re-organize... before it could be reviewed".

We’ve all dealt with frustrating bureaucracy. We picture overflowing filing cabinets, nonsensical rules, and systems that seem designed to fail. But this was different. This wasn't just an inconvenience, it was a barrier to justice.

That public failing triggered an internal audit of the RCMP’s document management and production processes (DMPP), and the final report, released in March 2025, is a stunning portrait of systemic failure. It reveals that the greatest threat to the RCMP's ability to function isn't an external enemy, but a self-inflicted wound born from its own broken internal systems. The report decodes a hidden, decades-old machine of dysfunction that actively undermines the force's ability to do its job.

By the end of this article, you will understand the three interlocking layers of this failure, governance, risk management, and modernization, and see how the mundane act of managing files can have profound consequences for public safety and the administration of justice in Canada.

The Obvious Problem: A Failure to Produce

The audit makes one thing clear: the RCMP has long known it has a problem. The force acknowledged internally that "information sharing and accessibility has been a challenge, resulting in production delays and, in some cases, the inability to share information". When a major inquiry like the MCC can't get the information it needs in a clear and timely manner, public trust evaporates.

But these production delays are just a symptom, the visible tip of a very large and dangerous iceberg. The audit allows us to look beneath the surface to see the hidden structures that created the problem. It starts with leadership.

Share

Decoding the First Layer: A Failure of Governance & Oversight

In any large organization, governance is about who is in charge and what they are paying attention to. In the case of the RCMP, the audit shows that for years, leadership simply wasn't paying attention to this critical issue.

The auditors reviewed the meeting records of the force's most senior leadership committees. The results are damning. Between 2019 and 2024, the RCMP's Senior Executive Committee (SEC) discussed document management in only 16 of its 71 meetings, just 23% of the time. Other critical management committees had similarly low rates of engagement.

When leadership doesn't make something a priority, the entire system breaks down. The audit found the consequences of this inattention everywhere:

• Inconsistent Training: Core training courses on information management were mandatory in some divisions but only recommended, or entirely absent, in others. This creates a patchwork of knowledge and inconsistent practices across the country.

• Outdated Roles: The methods and responsibilities for managing documents were designed for a paper-based world and haven't kept up with the shift to digital.

• No Monitoring: The RCMP established "very few... monitoring and oversight measures at the senior management level" to ensure its own policies were being followed.

It’s like an orchestra where every musician has a different sheet of music, and the conductor is looking out the window. The result is not just a bad performance, but an organizational inability to respond coherently.

Decoding the Second Layer: A Culture of "Reactive" Risk Management

The audit identifies a core cultural problem: the RCMP is "reactive rather than proactive," often waiting for systems to be "broken/in a critical state" before addressing them. This culture has allowed massive risks to fester within its information systems.

The most basic function of a document system, to help people find the right information, is fundamentally broken. Systems are fragmented and don't communicate with each other, leading to "information being isolated and not accessible". This is worsened by a policing culture where information is often siloed on a "need to know basis". While that works for protecting a specific investigation, it fails spectacularly during a multi-jurisdictional crisis that requires collaboration.

Worse, the audit's file testing revealed widespread non-compliance with the force's own rules. In a sample of 56 administrative files, auditors found:

• Zero files showed evidence of a required annual review.

• Zero files showed evidence that a manager had completed the required disposal activities after the files expired.

This isn't just poor record-keeping. Keeping documents past their legislated disposal date creates a swamp of outdated information that paralyzes the system. It leads to higher storage costs and, crucially, exposes the organization to massive legal risks when those expired records are captured in legal proceedings or ATIP requests. The system is clogged because no one is taking out the trash.

Decoding the Core: The Cycle of Failed Modernization & Technical Debt

This brings us to the engine room of the failure: a complete inability to modernize, driven by a crippling cycle of "technical debt."

Technical debt is what happens when you consistently choose a short-term fix over the right long-term solution. Like only paying the minimum on a credit card, the interest compounds until you're buried. The audit provides the hard numbers:

63% of the RCMP's IM/IT budget is spent just sustaining existing, aging services, while only 16% is spent on transformation. The force is running just to stand still.

The most potent symbol of this failure is a system called GCDOCS. It was introduced as the Government of Canada's official solution, an "easy to use, enterprise-wide solution" meant to fix these very problems. But the audit found that it "did not achieve the goal of modernizing" for one simple reason: the RCMP never fully implemented it. It was only deployed to a fraction of the organization, and even those with access stored information outside of the system's required structure, rendering its compliance features useless. They bought a new car but left it in the garage and kept driving the old, broken one.

The final, almost unbelievable, evidence of this cycle is the RCMP's plan for a new solution, the Digital Collaboration and Information Management (DCIM) project. It was identified by the Commissioner as a top priority to finally fix these issues. Yet, at the time of the audit, this critical project was listed as unfunded in the RCMP's Investment Plan.

A System Designed to Fail

The governance, risk, and modernization failures are not separate issues. They are a tightly connected, self-perpetuating system. Poor governance means critical risks aren't identified or prioritized. A reactive culture of risk management creates ever-deepening technical debt. And that technical debt consumes the entire budget, making it impossible to fund the modernization needed to fix the underlying problems.

This isn't just about messy files. It's about the operational capability of Canada's national police force. It’s about ensuring justice for victims of crime. It is about maintaining public trust and confidence. When an organization's own bureaucracy prevents it from accessing its own information, it has lost a battle against itself before the real work can even begin. The audit shows, in methodical detail, how the RCMP's worst enemy has become its own filing system.