INDUSTRY RESPONSE TO GC SURVEY ON CLOUD PROCUREMENT
January 2025
This document is submitted in response to the PSPC & SSC Survey on Cloud Procurement, posted for industry feedback in January 2025. Supported by input from over 30 SaaS and PaaS vendors across Canada and globally, it presents a collaborative vision for modernizing cloud procurement processes within the Government of Canada.
The submission highlights key recommendations to streamline procurement, address industry challenges, and incorporate global best practices. By fostering more efficient, transparent, and innovation-driven procurement strategies, these insights aim to accelerate the adoption of SaaS and PaaS solutions, unlocking transformative potential across federal operations. This response is designed to spark meaningful dialogue and guide actionable improvements, ensuring Canada remains a leader in digital government and public service delivery.
Federal SaaS User Group
The Federal SaaS User Group (FSUG) is a Not-for-Profit organization founded by leading global Software-as-a-Service (SaaS) providers and is dedicated to transforming how the Canadian government delivers digital services. Our mission is to create a unified, streamlined avenue for the Canadian government to access cutting-edge SaaS solutions that meet the evolving needs of government departments and agencies.
As a consortium of prominent SaaS publishers from around the world, the FSUG serves as a single point of contact for government stakeholders, simplifying engagement with the SaaS ecosystem.
Our focus includes key issues such as:
- Security: Ensuring federal compliance with the highest security standards in cloud technology (PA, PBMM).
- Contracting: Streamlining procurement processes for faster and more efficient access to SaaS solutions (PSPC SaaS SA).
- Licensing: Promoting best practices for licensing models tailored to government requirements
- Enablement: Supporting the federal government's digital transformation with scalable, innovative technologies.
The goal is to collaborate closely with the Canadian government, helping departments navigate the complexities of SaaS adoption while ensuring access to the latest technological advancements. The FSUG is committed to shaping the future of technology in the public sector through advocacy, expertise and innovation promoting Canadian and global SaaS leaders as viable partners in driving innovation and leveraging GC-Wide SaaS Supply Arrangements to enable open, fair, and competitive procurements.
GC QUESTIONS TO INDUSTRY ON CLOUD PROCURMENT:
DO YOU HAVE RECOMMENDATIONS ON HOW CANADA CAN IMPROVE THE WAY IT PROCURES SAAS/PAAS?
Better Alignment with Commercial Acquisition Practices:
The resulting procurement framework should be strategically designed to align with the commercial acquisition methodologies employed by Cloud Service Providers (CSPs) across Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS), and Software-as-a-Service (SaaS) models, while maintaining full compliance with Government of Canada (GoC) procurement policies and regulatory requirements.
Unified Cloud Services Procurement Model:
Establish a single consolidated Government of Canada (GC) method of supply for cloud services, enabling federal departments to access a comprehensive and diverse catalogue of pre-qualified Cloud Service Providers (CSPs) across IaaS, PaaS, and SaaS offerings. This catalogue should accurately reflect the breadth and depth of the global cloud services market and its evolving capabilities.
Foster Competitive Dynamics:
Enhance competitive procurement dynamics by creating an open and transparent cloud marketplace that encourages innovation, drives cost efficiencies, and ensures value for money in cloud service acquisitions.
Promote Multi-Cloud and Hybrid Cloud Strategies:
Encourage government departments to adopt a SaaS-prioritized multi-cloud and hybrid cloud architectures to prevent vendor lock-in and ensure service continuity.
Clear Governance Framework for GC Cloud Adoption Strategy:
Provide and publish a clear accountability framework for the governance and enforcement of the GC Cloud Adoption Strategy, particularly as it relates to the responsibility for implementation of the strategy and prioritization of investments in SaaS within federal organizations, and reduce confusion
RESULTS:
- Improvement of the GC’s digital services to Canadians.
- Increase in participation from Canada’s SMBs in GC procurement resulting in advancing Canada’s Innovation agenda.
- Alignment and enforcement of the GC’s Cloud Smart policies.
- Application-driven infrastructure consolidation across the GC.
Cloud Smart – Buy Before Build
GC's Cloud Adoption Governance Framework
The responsibility for implementing and enforcing the Government of Canada’s Cloud Adoption Strategy rests with several key entities, each playing a distinct but interconnected role within a structured governance framework.
Policy
At the forefront is the Treasury Board of Canada Secretariat (TBS), which serves as the primary authority for overseeing the strategy’s execution. TBS is tasked with setting policy direction, offering clear guidance, and establishing standards to ensure consistency across federal departments and agencies. Beyond policy creation, TBS actively monitors departmental compliance, tracks progress and ensures that cloud adoption aligns with government-wide priorities for digital transformation and modernization. To facilitate effective adoption, TBS also provides tools, frameworks, and ongoing support to departments, enabling them to make informed decisions and navigate complex cloud environments.
Supporting TBS in this effort is the Chief Information Officer (CIO) of Canada, who operates under the Treasury Board Secretariat. The CIO plays a leading role in developing and promoting cloud adoption policy while also providing critical direction on cybersecurity, data management, and digital transformation initiatives. This leadership ensures that cloud adoption adheres to national security standards, data governance requirements, and best practices in managing digital operations.
Accountability
While TBS and the CIO establish the strategic direction, Deputy Heads of individual departments and agencies bear the responsibility for implementation within their respective organizations. Deputy Heads are accountable for ensuring alignment with the Cloud Adoption Strategy, approving cloud adoption plans, and prioritizing investments in Software as a Service (SaaS), Platform as a Service (PaaS), or Infrastructure as a Service (IaaS). They must also enforce internal compliance with cloud policies and manage risks associated with adoption, ensuring operational efficiency and security are maintained.
Security
Equally critical are the roles of Chief Security Officers (CSOs) and Chief Privacy Officers (CPOs) within individual departments. These officials are responsible for ensuring compliance with established security frameworks and privacy legislation during cloud adoption. Their oversight guarantees that robust security controls are implemented and that risks associated with cloud deployments are actively managed and mitigated.
Operations & Procurement
In parallel, Shared Services Canada (SSC) functions as the operational authority responsible for IaaS cloud services, while Public Services and Procurement Canada (PSPC) addresses the requirements for SaaS cloud solutions. SSC serves as the federal government’s designated broker for IaaS cloud services and, in collaboration with PSPC, manages relationships with approved cloud service providers across IaaS, PaaS, and SaaS offerings, both overseeing each other's associated procurement processes. Jointly, these departments bear the responsibility for administering government-wide contracts with vendors, ensuring that all agreements comply with established security, privacy, and procurement standards.
However, the rationale for dividing cloud procurement responsibilities between two separate departments remains unclear, particularly given the potential conflict of interest within one department regarding the selection of on-premises vs cloud hosting platforms. This division of responsibilities contributes to confusion, uncertainty, and a lack of trust in the cloud procurement process among federal clients and industry stakeholders, ultimately undermining confidence in the effectiveness and transparency of these arrangements.
Current Challenges in Federal Cloud Procurement
Improving the Delivery of Digital Services to Canadian Citizens
As of 2024, Canada ranks 47th on the United Nations E-Government Development Index, placing it behind all other G7 nations. This ranking reflects persistent challenges in the federal digital landscape, including fragmented digital platforms, inconsistent user experiences across government departments, and a slower-than-expected adoption of cloud technologies. While the Government of Canada has introduced a Cloud Adoption Strategy to modernize service delivery, the strategy is hindered by an unclear governance framework for cloud service procurement. This lack of clarity creates barriers to innovation, delays the deployment of citizen-centric digital services, and prevents departments from fully leveraging the scalability, security, and agility offered by modern cloud solutions. Addressing these governance gaps is essential for Canada to improve its global standing and meet the growing expectations of citizens and businesses for seamless, secure, and efficient digital interactions.
RECOMMENDATION: Standardize Cloud Procurement Processes Across Departments with a clear Governance Framework for Procurement
Adopt a single centralized cloud procurement supply arrangement modeled after the UK’s G-Cloud for all cloud delivery models (SaaS/PaaS/IaaS) to simplify vendor engagement, reduce redundancies, and ensure consistent procurement practices across government departments. Ensure clear definition of governance framework responsibilities for accountability and procurement for the adoption of the Smart Cloud policy. Cloud Procurement Authority provides the Departmental Deputy Head with access to a single robust cloud services catalogue where the Deputy Head remains accountable for making Smart Cloud procurement decisions.
Increasing Participation of Canadian Small & Medium-Sized Businesses (SMBs)
Small and medium-sized businesses (SMBs) make up 99% of all businesses in Canada, playing a vital role in driving economic growth, innovation, and job creation. However, their participation in federal cloud procurement remains disproportionately low, with most cloud contracts awarded to large multinational corporations. This imbalance stems from complex and resource-intensive bidding requirements, a procurement culture that often favours established global vendors, and limited outreach or support programs designed to equip SMBs for success in federal procurement processes. Enhancing SMB participation in cloud procurement is not only a matter of economic fairness but also a strategic imperative. Aligning procurement practices with the Government of Canada's Innovation Agenda can help create a more level playing field, encourage local innovation, and ensure federal cloud solutions reflect the agility and creativity that Canadian SMBs bring to the technology sector.
RECOMMENDATION: Empower Canadian SMBs Through Dedicated Procurement Channels
Create set-aside contracts for Canadian SMBs and implement training programs to improve their capacity to compete for cloud procurement opportunities.
Create set-aside contracts for Canadian SMBs and implement training programs to improve their capacity to compete for cloud procurement opportunities.
Reducing Bureaucratic Barriers and Cloud Procurement Confusion
The Government of Canada currently maintains two distinct procurement supply arrangements for cloud services: one for Infrastructure-as-a-Service (IaaS) and Native Platform-as-a-Service (PaaS), and another for Software-as-a-Service (SaaS) and PaaS. This bifurcated approach creates unnecessary complexity, fostering confusion and eroding trust among both government stakeholders and cloud service vendors. Adding to the challenge, one of these arrangements remains closed to new bidders, while the other remains continuously open. This inconsistency leads to unequal opportunities for vendor participation, reduces procurement transparency, and creates structural inefficiencies across the procurement lifecycle. As a result, the adoption of emerging cloud technologies is delayed, limiting the government's ability to remain agile and competitive in an era where digital transformation demands speed, adaptability, and clarity in procurement processes. Addressing these systemic issues is critical for fostering an environment where both established vendors and innovative newcomers can contribute effectively to Canada's digital modernization goals.
RECOMMENDATION: Streamline Cloud Procurement and Reduce Red Tape
Introduce a single open cloud supply arrangement for all methods of cloud delivery (IaaS/PaaS/SaaS). Introduce challenge-based procurement mechanisms with shorter review cycles and iterative approval processes to reduce procurement delays and increase competition. Empower departmental heads to implement and enforce the GC Smart Cloud policies when making decisions on selection of cloud solutions for their business requirements.
Vendor Lock-In and Interoperability
An over-reliance on a single or a limited number of cloud providers exposes the Government of Canada to significant risks, including vendor lock-in, escalating costs, and constrained flexibility in adapting to evolving technological needs. This dependence can limit the government's ability to negotiate favourable terms, pivot to alternative providers when necessary, or adopt best-in-class solutions across different service categories. Furthermore, a lack of interoperability between cloud platforms exacerbates these challenges by creating isolated data and application silos. These silos hinder seamless data sharing, collaboration, and integration across government departments, undermining the vision of a unified and citizen-centric digital government. To address these challenges, a multi-vendor cloud strategy—underpinned by robust standards for interoperability and data portability—is essential for fostering resilience, cost-efficiency, and innovation in Canada's cloud ecosystem.
RECOMMENDATION: Promote Multi-Cloud and Hybrid Cloud Strategies
Encourage government departments to adopt a SaaS-prioritized multi-cloud and hybrid cloud architectures to prevent vendor lock-in and ensure service continuity.
Best Practices from Other Jurisdictions
United Kingdom
The UK Government Digital Marketplace has revolutionized public sector procurement by providing a streamlined, user-friendly, and digital-first platform designed to simplify the acquisition of cloud services and technology solutions. Established under the G-Cloud framework, this marketplace serves as a centralized procurement portal where government organizations can efficiently source cloud services, including Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS), and Software-as-a-Service (SaaS), from a pre-approved list of suppliers.
One of the key strengths of the G-Cloud framework lies in its emphasis on flexibility, transparency, and cost-effectiveness. Public sector buyers are empowered to compare vendors, review standardized service offerings, and make informed procurement decisions without the need for lengthy and complex tender processes. The framework supports multi-vendor engagement, reducing reliance on single suppliers and mitigating risks associated with vendor lock-in.
Furthermore, the G-Cloud framework promotes the adoption of scalable, pay-as-you-go cloud services, aligning with the UK Government's Cloud First Policy. This approach not only enhances operational efficiency but also optimizes public spending by allowing departments to purchase only the resources they require. By fostering increased competition and encouraging the participation of small and medium-sized enterprises (SMEs), the G-Cloud framework has driven innovation and diversified service offerings across the public sector.
As of recent reports, the G-Cloud framework has facilitated billions of pounds in cloud service contracts, with approximately 40% of the total value awarded to SMEs, demonstrating its success in fostering inclusivity and economic growth. The framework continues to serve as a benchmark for cloud procurement best practices globally, influencing similar initiatives in other jurisdictions.
Australia
Australia's Secure Cloud Strategy represents a comprehensive approach to modernizing public sector IT infrastructure by prioritizing multi-cloud adoption to enhance resilience, flexibility, and innovation. Introduced by the Australian Government's Digital Transformation Agency (DTA), this strategy emphasizes the critical importance of data sovereignty, ensuring that sensitive government information remains protected and under sovereign control while leveraging the scalability and cost-efficiency of global cloud platforms.
Australia's Secure Cloud Strategy represents a comprehensive approach to modernizing public sector IT infrastructure by prioritizing multi-cloud adoption to enhance resilience, flexibility, and innovation. Introduced by the Australian Government's Digital Transformation Agency (DTA), this strategy emphasizes the critical importance of data sovereignty, ensuring that sensitive government information remains protected and under sovereign control while leveraging the scalability and cost-efficiency of global cloud platforms.
At the core of Australia's approach is a balanced cloud ecosystem that combines the strengths of global hyperscale providers (such as AWS, Microsoft Azure, and Google Cloud Platform) with the localized expertise of domestic cloud vendors. This dual approach not only diversifies risk but also ensures that mission-critical workloads can be hosted within Australian borders, adhering to the Protective Security Policy Framework (PSPF) and Information Security Manual (ISM) standards set by the Australian Cyber Security Centre (ACSC).
The strategy also underscores the importance of partnerships and collaboration with both public and private sector stakeholders. By fostering strong relationships with global technology leaders and local service providers, Australia ensures that government agencies have access to cutting-edge technologies, robust security controls, and agile cloud services tailored to the unique requirements of public sector operations.
Furthermore, the Secure Cloud Strategy promotes a "cloud-first" procurement model, encouraging agencies to evaluate cloud solutions as the default option for new IT investments. This approach reduces reliance on legacy infrastructure, accelerates digital transformation, and improves the government's ability to deliver citizen-centric services efficiently.
Additionally, the strategy incorporates mechanisms for continuous evaluation and improvement, ensuring that cloud services remain aligned with evolving cybersecurity threats, regulatory requirements, and technological advancements. Through initiatives such as the Certified Cloud Services List (CCSL), managed by the ACSC, government agencies can select pre-assessed, secure cloud solutions with confidence.
Overall, Australia's Secure Cloud Strategy serves as a global benchmark for balancing security, data sovereignty, and technological agility, demonstrating how governments can harness cloud innovation while maintaining stringent governance and control over sensitive information.
Addressing Common Concerns
Infrastructure Consolidation & Application Rationalization
The majority of Software-as-a-Service (SaaS) cloud providers operate their platforms and deliver services through major hyperscale cloud infrastructure providers, including Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP). These hyperscalers collectively dominate the global cloud infrastructure market, controlling an estimated 65% to 68% of the total market share, with variations depending on the specific analysis period.
SaaS vendors frequently select hyperscale providers due to their unparalleled scalability, cost efficiency, and extensive global reach. Applications hosted on hyperscale infrastructures benefit significantly from economies of scale, eliminating substantial upfront capital expenditures traditionally associated with on-premises software deployments. Instead, these applications capitalize on flexible, usage-based subscription models. This paradigm shift has led numerous SaaS organizations to migrate or re-architect their platforms specifically for hyperscale cloud environments.
Although precise data quantifying the proportion of SaaS providers utilizing hyperscale platforms remains limited, the overwhelming dominance of these providers in the cloud infrastructure market strongly indicates substantial reliance by SaaS vendors. AWS alone commands approximately 31% to 33% of the market share, followed by Microsoft Azure with 20% to 25%, and Google Cloud with 10% to 11%. Collectively, these three hyperscale providers constitute the foundation of the global cloud ecosystem, supporting a significant portion of SaaS deployments worldwide.
Considering these market dynamics, it is reasonable to infer that a considerable majority of SaaS vendors—potentially exceeding two-thirds—operate their services on one of these dominant hyperscale cloud platforms.
The Government of Canada has previously conducted comprehensive security control assessments of the three major hyperscale cloud service providers—Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP)—and has verified their compliance with the government's rigorous security and privacy standards. Consequently, it can be reasonably inferred that the rationalization and modernization of legacy applications through the adoption of Software-as-a-Service (SaaS) solutions will inherently facilitate infrastructure consolidation by leveraging these pre-assessed secure environments.
Lack of Skilled Employees
In today's rapidly evolving digital economy, modern organizations are embracing a SaaS-first (Software as a Service) policy to stay agile, innovative, and competitive. By prioritizing cloud-based software solutions, companies are not only optimizing operational efficiency but also creating robust opportunities for staff upskilling and talent attraction. SaaS platforms provide employees with access to cutting-edge tools, real-time collaboration systems, and on-demand learning resources, fostering a culture of continuous growth and digital fluency. With intuitive interfaces and regular updates, SaaS tools reduce the barriers to technology adoption, empowering employees to enhance their skill sets without prolonged onboarding or extensive technical training.
A SaaS-first policy also significantly contributes to employee attraction and retention. Modern job seekers are increasingly drawn to workplaces that offer flexibility, remote-friendly tools, and access to advanced digital technologies. SaaS solutions enable seamless collaboration across geographically distributed teams, catering to hybrid and remote work models that have become the norm in the post-pandemic world. Moreover, SaaS platforms often integrate with Learning Management Systems (LMS), enabling companies to deliver personalized training and career development programs. This not only equips employees with the skills needed to excel in their current roles but also prepares them for future challenges, creating a dynamic and resilient workforce.
Furthermore, organizations that adopt SaaS-first policies benefit from scalable and cost-effective talent strategies. By leveraging data analytics and AI-powered insights embedded in many SaaS tools, employers can identify skill gaps, predict workforce trends, and create targeted training programs. This strategic approach reduces turnover rates and ensures that teams are consistently aligned with business objectives. In turn, prospective employees perceive these organizations as forward-thinking and investment-oriented workplaces, where professional growth is not just encouraged but systematically enabled.
Adopting a SaaS-first policy is not merely about technology adoption—it is about creating an ecosystem of innovation, inclusivity, and continuous learning. Companies that successfully integrate SaaS solutions into their operational and talent management strategies are not only better positioned to upskill their current workforce but also to attract the next generation of top talent eager to thrive in a digitally empowered environment.
Enhancing GC Objectives with
Improved Cloud Procurement
Improved Cloud Procurement
Improving cloud procurement, including a SaaS-prioritized approach, is critical for advancing Canada’s digital government objectives, enhancing citizen services, and driving economic growth. By adopting best practices from global leaders, streamlining procurement processes, and prioritizing security and SMB participation, the Government of Canada can build a resilient, agile, and citizen-centric digital ecosystem. Collaboration across public and private sectors, combined with a commitment to continuous improvement, will ensure Canada remains competitive in the digital era.
BARRIERS TO PARTICIPATION
WHAT BARRIERS, IF ANY, LIMIT YOUR CAPACITY TO PARTICIPATE IN A GC PROCUREMENT OF CLOUD SERVICE? DO YOU HAVE ANY SUGGESTIONS ON HOW CANADA CAN REDUCE BARRIERS IN THE PROCUREMENT OF CLOUD SERVICES?
Alignment with Commercial Acquisition Practices
The resulting procurement framework should be strategically designed to align with the commercial acquisition methodologies employed by Cloud Service Providers (CSPs) across Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS), and Software-as-a-Service (SaaS) models, while maintaining full compliance with Government of Canada (GoC) procurement policies and regulatory requirements.
Unified Cloud Services Procurement Model
Establish a single consolidated Government of Canada (GC) method of supply for cloud services, enabling federal departments to access a comprehensive and diverse catalogue of pre-qualified Cloud Service Providers (CSPs) across IaaS, PaaS, and SaaS offerings. This catalogue should accurately reflect the breadth and depth of the global cloud services market and its evolving capabilities.
Single Open GC Cloud Supply Arrangement for SaaS/PaaS/IaaS:
Future GC Cloud Services Procurement vehicle should adopt an open Request for Supply Arrangement (RFSA) model, allowing for the continuous inclusion of new and innovative cloud solutions over time.
Commercial Terms vs. Government of Canada Terms
Cloud service providers rely on a standardized set of contract terms of use to efficiently operate at scale and serve a global community of users. These terms establish a consistent legal and operational framework that governs the relationship between the provider and its customers, regardless of geographic location or customer size. By using uniform terms, cloud providers can streamline their operations, reduce administrative overhead, and ensure predictable service delivery across diverse markets. Key aspects typically include provisions for data privacy, service availability, liability limitations, and acceptable usage policies. This standardized approach allows providers to manage risks, enforce security and compliance standards, and offer scalable services without the need to renegotiate terms for each individual customer. Additionally, by minimizing operational and legal complexities through standardized agreements, cloud providers can achieve economies of scale, enabling them to maintain competitive and consistent pricing across their global user base. Common terms also ensure transparency and set clear expectations, building trust with users worldwide while enabling providers to focus on innovation and infrastructure reliability rather than managing complex, customized agreements. Ultimately, these standardized contract terms are a foundational element that allows cloud services to be agile, reliable, and universally accessible.
In procuring cloud service offerings, the Government of Canada operates within a global marketplace. However, it is understood that the Government of Canada has specific requirements to align cloud service agreements with its procurement policies, regulations, and international trade obligations to safeguard the interests of Canadian taxpayers. These additional terms are essential to ensure compliance with national standards for data sovereignty, privacy, security, and accountability in public sector operations.
Recognizing this, it is recommended that the Government of Canada enable and allow the Cloud Service Provider to name and assign an authorized agent to manage the supplemental contract terms that are unique to the Government of Canada. This approach would streamline negotiations and ongoing contract management, ensuring that the specialized requirements of the Government are addressed efficiently without compromising the scalability and operational benefits of standardized global terms and standardized global cloud services. Such a mechanism would also foster clearer communication, improved accountability, and a collaborative partnership between the Cloud Service Provider and the Government of Canada, ultimately serving the public interest more effectively.
RECOMMENDATION: Enable Cloud Providers to Name and Assign Authorized Agents
Enable and allow the Cloud Service Provider to name and assign an authorized agent to manage the supplemental contract terms that are unique to the Government of Canada.
Security Assessment Independence from Procurement
The CCCS Medium Cloud Security Control profile (formerly PBMM) is the most common security requirement for cloud providers working with the Government of Canada. However, the entanglement of procurement and security profile assessment processes often creates significant barriers. The cost and time required for cloud providers to receive an assessment for higher security classifications, combined with the need for departmental sponsorship to complete these security assessments, pose substantial challenges. These hurdles deter many cloud providers from pursuing supply arrangements, limiting competition and innovation within the cloud procurement ecosystem. Addressing these structural inefficiencies is essential to fostering a more inclusive and effective cloud marketplace for government services.
RECOMMENDATION: Decouple Security Assessment from Procurement Vehicles
Enable third-party assessors to independently conduct cloud security assessments, decoupling them from the procurement process. This approach will reduce delays, lower costs for cloud providers, and remove the dependency on departmental sponsorship for security assessments.
Closed Cloud Framework Agreement vs Open SaaS Supply Arrangement
The Government of Canada’s Cloud Framework Agreement (GCCFA) disproportionately benefits multinational Cloud Service Providers (CSPs) due to its structural design and procurement methodology. The GCCFA establishes a pre-qualified list of CSPs, comprised of large multinational corporations with significant global operations and resources. This closed procurement model allows federal departments and agencies to procure cloud services directly from these CSPs through Shared Services Canada (SSC) without engaging in open competition for individual contracts. The framework’s emphasis on scalability, global reach, and adherence to rigorous security and data residency standards further advantages multinational CSPs, which are well-equipped to meet these criteria through their extensive infrastructure, certifications, and economies of scale. Additionally, these CSPs often offer Software-as-a-Service (SaaS) and Platform-as-a-Service (PaaS) solutions that directly compete with leading industry SaaS providers. Because the GCCFA is a closed system, federal departments frequently resort to a simplified procurement process, effectively sidelining the broader SaaS industry and discouraging its engagement with the Government of Canada.
The closed GCCFA procurement process imposes significant challenges on small cloud providers, as the extensive requirements and prolonged response timelines necessitate large, multi-functional proposal teams. This dynamic inherently favours large multinational providers that possess the resources and dedicated staff to meet these demands. Conversely, innovative start-ups and small-to-medium-sized businesses (SMBs) are often unable to allocate the time and resources needed to navigate such cumbersome and protracted procurement processes, further tilting the advantage toward multinational CSPs.
This systemic preference for multinational CSPs carries significant ramifications for Canada’s domestic cloud services market. By defaulting to GCCFA’s pre-approved vendors, federal departments bypass opportunities to collaborate with innovative SaaS providers, including Canadian companies, thereby stifling competition, and diminishing incentives for local technological advancements. Furthermore, the concentration of public sector cloud expenditures among a few foreign-based entities raises concerns about economic sovereignty and hampers the development of a robust domestic cloud ecosystem. For instance, Canadian SaaS providers offering competitive, regionally tailored solutions often struggle to gain visibility or market access under the current framework. Over time, this dynamic risks eroding market diversity and resilience, as smaller players face marginalization, consolidation, or forced exit, leaving Canada’s cloud infrastructure increasingly dominated by a limited number of global entities.
RECOMMENDATION: Implement a Single Open GC Cloud Request for Supply Arrangement for SaaS/PaaS/IaaS
To mitigate these issues, future GC Cloud Services Procurement vehicle should adopt an open Request for Supply Arrangement (RFSA) model, allowing for the continuous inclusion of new and innovative cloud solutions over time.