David Yeo, President and founder of Dalian Enterprises, during a committee appearance.Government of Canada
An internal federal review determined that an ArriveCan contractor who also worked at the Department of National Defence posed a “high risk” of transferring sensitive military information to unauthorized people, according to documents obtained by The Globe and Mail.
The finding relates to contractor David Yeo, who as president of Dalian Enterprises was a key figure in the political fallout over the government’s handling of the ArriveCan app for cross-border travellers. Dalian and its partner, Coradix Technology Consulting, were suspended from the federal procurement system this year after it was discovered that Mr. Yeo had taken a job at DND in 2023 without severing ties with Dalian.
An internal memo produced in April for the assistant deputy minister at Public Services and Procurement Canada said Dalian had been additionally suspended from a program meant to screen contractors for security risks because of a concern about Mr. Yeo after an internal review. That suspension came about a month after Dalian was already banned from government contracts.
The Controlled Goods Program is linked to the Defence Production Act and requires organizations to register if they work with controlled goods, such as components and technical data, that have military or national security significance.
“Following a security reassessment of David Yeo, majority owner and President of Dalian, this individual was deemed to pose a ‘high risk’ of transferring a controlled good to a person who is neither registered nor exempt from registration,” states the memo obtained by The Globe through an access to information request.
Campbell Clark: MPs call an ArriveCan witness and forget the key question
As president of Dalian, Mr. Yeo was the Indigenous partner in a joint venture with Coradix, a much larger non-Indigenous company, allowing the partnership to access contracts set aside for Indigenous businesses.
David Perry, who analyzes defence procurement matters as president of the Canadian Global Affairs Institute, said in an interview that the Controlled Goods Program is meant to screen out potential security liabilities.
He said obtaining certification in the federal program has historically been a challenge for Indigenous businesses that are seeking to qualify for federal contracts because of its many requirements.
An April memo prepared for the Assistant Deputy Minister of Public Services and Procurement Canada.Supplied
“What I was really struck by was basically it was only the media interest that triggered a review of the admissibility of the contractor in that program after it got a lot of attention,” said Mr. Perry, who reviewed the documents obtained by The Globe.
“Dalian had a number of problems, from a number of different aspects, in terms of it being a supplier to the Government of Canada, of which security now looks like it was one,” he said.
Indigenous Services Canada has said it is auditing all of Dalian and Coradix’s contract work under the Procurement Strategy for Indigenous Business, including its work on ArriveCan.
That is just one of more than a dozen studies and investigations that are under way or completed with ties to spending on the federal mobile app launched during the pandemic, including reviews by the RCMP, the Auditor-General, parliamentary committees and watchdogs and individual departments.
The app began as an $80,000 expense and grew to nearly $60-million in part because of a heavy reliance on contractors and subcontractors.
Additional details about Ottawa’s concerns with Coradix and Dalian have also been recently disclosed in a Federal Court case, where Coradix is suing the federal government for $64-million in damages over its suspension. Ottawa has responded to the Coradix statement of claim and rejects any liability.
The Public Services and Procurement Canada memo, which is redacted in parts and signed by department director-general Claude Kateb, includes several references to news reports about Mr. Yeo’s employment with the Defence Department. The memo also references a February LaPresse newspaper report that Mr. Yeo had opened two companies in tax havens.
Mr. Yeo has previously created at least two offshore companies. According to the Pandora Papers database, Mr. Yeo incorporated ISBN Inc., an entity in the British Virgin Islands, in September, 2011. He also formed an iSBN Inc. in the Caribbean tax haven of Curaçao in August, 2012. During his appearance at a House of Commons committee hearing, Mr. Yeo said the companies amounted to an “exercise” in entrepreneurship.
The department memo says the Controlled Goods Program review of Mr. Yeo’s status was launched “in light of recent adverse media coverage related to Dalian and Mr. Yeo.” The unredacted sections do not say whether Mr. Yeo did in fact breach the program’s rules.
Mr. Yeo declined to comment in response to questions about the department’s finding. Ben Mills, a lawyer representing Coradix, also declined to comment.
The department memo describes the controlled good as being related to “software, command, communications, control, computer and intelligence applications.”
Mr. Yeo joined the Defence Department as a full-time public servant on Sept. 19, 2023. The documents show Mr. Yeo had a long history of working with the department as a contractor.
The documents said Dalian and Coradix had a contract with the department that ran from Sept. 6, 2019, to Sept. 18, 2023. The records also state that from June, 2003, to September, 2019, Mr. Yeo was an “embedded contracted Senior Security Analyst.” The documents say specific contracts for that role were “unavailable.”
National Defence spokesperson Andrée-Anne Poulin confirmed in an e-mail that Mr. Yeo worked as an embedded contractor at the department during that period.
The statement said Mr. Yeo’s work for the department included IT work on the Canadian Army’s Land Command Support System (LCSS), which the department describes as a critical component of the Army’s ability to manage command and control over deployed military personnel. It includes secure two-way e-mail, chat and other online communications programs.
Ms. Poulin said the LCSS is designated as Canadian Controlled Goods, and it includes a number of computing systems and wireless tactical communications that vary in sensitivity between unclassified and secret.
A spokesperson for Public Services and Procurement said further details related to the department’s findings cannot be released because of federal privacy laws. The department said details regarding controlled goods being accessed by Dalian would have been detailed within each contract.
The department declined to provide further information when asked to explain the memo’s reference to Mr. Yeo’s offshore bank accounts.
“In the Memorandum, officials from the Controlled Goods Program present a multi-pronged rationale for suspending Dalian Enterprises Inc.’s registration in the Controlled Goods Program,” department spokesperson Michèle LaRose said.