Over the past several years, the government has imposed new requirements that have had, and will likely continue to have, significant impacts on government contractors. Two of these new requirements involve compliance and ethics programs, and business systems which are discussed in this section.
Compliance and ethics programs
The government procurement process became an area for increased political and media focus in the recent past particularly with regards to procurements placed to assist with the War on Terror and Hurricane Katrina. Allegations of corruption, poor performance, and illegal and unethical behavior were not unusual and it became conventional wisdom that government contracting needed to significantly increase compliance and ethics program requirements in government contracts. It is unfortunate that there was far less publicity later when many of the allegations proved either baseless or far less serious than originally alleged.
The new compliance and ethics requirements became effective in April 2010 and apply to all contracts in excess of $5,000,000 with a performance period of 120 days or more. Contractors are required to establish a written code of business ethics and conduct within 30 days of contract award and to make it available to each employee involved in the performance of the contract. Unless the contract is awarded to a small business or involves the procurement of a commercial item, the regulations also require the contractor to establish business ethics/awareness and compliance programs within 90 days of contract award. The business ethics/awareness program requires contractors
to conduct periodic training for its employees, agents and subcontractors involved in the performance of the contract. Contractors are also required to exercise due diligence to prevent and detect criminal conduct, and otherwise promote an organizational culture that encourages ethical conduct and a commitment to comply with the law. If this was all that the compliance regulations required, the risks to contractors would be minimal. Unfortunately, they require far more.
The new regulations require a contractor to disclose in writing to the government agency’s Office of Inspector General (OIG) and contracting officer whenever the contractor has credible evidence that a principal, an employee, an agent or a subcontractor may have committed a violation of federal criminal law involving fraud, conflict of interest, bribery or gratuity violations, or Civil False Claims Act violations. This is a very heavy burden on government contractors because the penalties for non-disclosure can be severe. We have observed that in many instances contractors make formal disclosures to the government for practically any allegation received from any current or ex- employee, no matter how frivolous the allegations may appear to be, or how disgruntled the employee or ex-employee may be. If the intent of the regulations is to eliminate all unethical behavior in government procurements, we find it interesting that contractors are required to disclose violations by principals, employees, agents and subcontractors but are not required to disclose violations committed by government officials with whom they interact on the contract.
New compliance regulations proposed by the Department of Labor
On May 28, 2015, the government proposed an amendment to the FAR which, if adopted, could have far reaching implications for government contractors. The proposed FAR changes have three basic requirements: (1) Contractors and subcontractors will have to report whether, within the preceding three-year period, they were found to have violated certain labor laws through an administrative merits determination, an arbitration award or decision, or a civil judgment. Based on the information provided, the contracting agency must make a responsibility determination before making future awards. (2) Contractors may be required to provide paychecks to workers in languages other than English. (3) Contractors with contracts exceeding $1 million may not impose pre-dispute arbitration agreements for claims under Title VII of the Civil Rights Act.
The regulations also require contractors to maintain internal controls with standards and procedures to facilitate timely discovery of improper conduct in connection with government contracts, which assure that corrective measures are promptly taken to correct the situation. The internal control program must include (a) monitoring and auditing to detect criminal conduct; (b) periodic evaluation of the business ethics/awareness and compliance programs, and the internal control systems; (c) periodic assessment of the risk of criminal conduct, with appropriate steps to design, implement, or modify the business ethics/awareness and compliance programs and the internal control systems as necessary to reduce the risk of criminal conduct; (d) an internal reporting system, such as a hotline, that allows for anonymity or confidentiality by which employees may report suspected instances of improper conduct, and instructions that encourage employees to make such reports; (e) disciplinary action for improper conduct or for failing to take reasonable steps to prevent or detect improper conduct; and (f) timely disclosure of suspected violations to the agency’s OIG and contracting officer.
We asked companies subject to the internal controls requirements whether they are conducting the required periodic monitoring and auditing and only 37% report that such audits are being performed. Given the strict requirements in the regulations and the potentially severe repercussions for non-compliance, we recommend that contractors required to conduct such audits be sure to complete them. We also strongly recommend that the audits be performed by individuals with extensive government contracting experience so that audit findings can be properly interpreted. Finally, we also recommend that the causes of any issues identified in the audit be identified as part of the audit in order to avoid an overreaction to a minor technical violation and to avoid unnecessary disclosures of such minor items to the agency OIG and contracting officer.
We also asked companies their opinions as to whether the compliance regulations are reasonable and cost-effective. The results are shown in Figure 29 along with the results from the four previous surveys. As shown, a very large percentage of surveyed companies believe the compliance regulations are neither reasonable nor cost-effective.
2015 survey 2013 survey 2012 survey Regulations reasonable and cost-effective Regulations excessive and not cost-effective 37% 41% 40% 52% 52% 50% 95%
Fig 29. Cost-effectiveness of compliance regulations 63% 59% 60% 48% 48% 2011 survey 2010 survey
32 Grant Thornton's 2015 Government Contractor Survey
DCAA often took a very conservative approach to any perceived imperfection which it found during audits and tended to identify any concern as significant.
A government report that concludes a business system is inadequate can have far greater consequences to contractors than merely payment withholdings on existing contracts. Indeed, an acceptable cost accounting system is a prerequisite for award of contracts that are either cost reimbursable, T&M, labor hour, or FFP contracts with progress payments based on cost.
Not surprisingly, DCAA’s reluctance to accept the adequacy of cost accounting systems quickly became an impediment to the award of contracts by procurement officials and DoD acted decisively in 2014 to eliminate that impediment by minimizing DCAA’s role in accounting system reviews.
On June 26, 2014, DCAA issued a new policy which stated that DCAA’s accounting system audits would no longer include an opinion on the adequacy of the accounting system but rather would be closed with a memorandum to the contracting officer identifying any practices that DCAA believes are not in accordance with DoD guidelines. Under the new policy, the adequacy of the system is determined by the contracting officer rather than by DCAA.
On July 15, 2014, DoD issued a notice of proposed rulemaking which further minimized DCAA’s role in the evaluation of cost accounting systems. The purpose of the proposed rule was to “entrust contractors with the capability to demonstrate compliance with DFARS system criteria for contractors’
accounting systems, estimating systems, and material management and accounting systems (MMAS) based on contractors’ self- evaluations and audits by Certified Public Accountants (CPAs) of their choosing.” Under the proposed rule, DCAA’s role would be limited to performing overviews of the results of contractor self-evaluations and CPA audits.
These changes will likely have a major impact on how government contractors handle employee complaints and will almost certainly cause significant harm to a company who receives a negative responsibility determination from the contracting agency. This change will also be expensive to implement and manage and the government will wind up bearing the costs for these new compliance regulations. If the proposed regulations are adopted and incorporated into the FAR, we recommend that government contractors confer with legal counsel to assure internal procedures are adopted to minimize the harm that may come from the proposed regulations.
Contractor business systems
In February 2012, the DoD issued a final rule on contractor business systems and amended the Contractor Business Systems clause at Department of Defense FAR Supplement (DFARS) 252.242-7005 to incorporate the final rule.
The amended clause applied to all contracts subject to CAS, regardless of whether the contract is subject to full or modified CAS. The requirements applied to six business systems including (a) cost accounting; (b) EVMS; (c) estimating; (d) material management and accounting; (e) property management; and (f) purchasing. Separate DFARS clauses have been implemented for each of the six business systems setting forth the specific criteria for acceptable systems.
In the event the government identifies significant deficiencies during an audit of a business system, the clause allows the government to withhold payments against all CAS-covered contracts including cost reimbursement contracts, incentive type contracts, T&M contracts, labor hour contracts, progress payments, and performance-based contracts. The amount withheld must be 5% for one or more significant deficiencies in a single business system and 10% for significant deficiencies in multiple business systems.
Unfortunately, the definition of a significant deficiency in the clause is broad and leaves much to the imagination of the individual auditor. The language in the clause defines a significant deficiency as a shortcoming in the system that materially affects the ability of DoD officials to rely upon information produced by the system and needed for management purposes. Predictably,
We asked surveyed companies whether or not there had been any recent government audits of their business systems and the results are shown in Figure 30. Less than one third of the respondents have had recent business systems audits by the government. We also asked whether or not the cost accounting systems have been reviewed and deemed acceptable for government contracting and only 71% replied in the affirmative. We’ve observed that government solicitations for new business frequently request information on the approval status of certain business systems. If no formal government approval of the system exists, we recommend that companies that are faced with the requirement for acceptable business systems as a condition of award utilize the July 15, 2014 DoD rule and obtain audits of business systems by qualified CPA firms of your choosing.
Some None
Fig 30: Recent government audits of business systems Yes 30%
34 Grant Thornton's 2015 Government Contractor Survey 34 Grant Thornton's 2015 Government Contractor Survey