DoD IG small business subcontracting audit findings: What it means for prime contractors
On March 7, 2022, the Department of Defense Inspector General (DoD IG) issued audit findings that highlighted several deficiencies within DoD contracting personnel handling of Small Business Subcontracting Requirements. According to the IG’s findings, the objective of the audit was to determine whether DoD contracting officials conducted sufficient contract oversight to ensure that contractors’ awarded small business set-aside and sole-source subcontracts complied with small business subcontracting limitations in accordance with applicable laws and regulations.
The audit findings concluded that DoD contracting personnel were inadequately verifying compliance with subcontracting limitations by only tracking and monitoring the amounts prime contractors paid to subcontractors. In addition, DoD personnel did not have the proper documentation such as contractor reports to support compliance with subcontracting limitations. Finally, as part of DoD IG audit scope, personnel were unable to confirm 34 out of a sample of 49 contracts whether prime contractors reported first-tier subcontract award information in the Federal Funding Accountability and Transparency Act (FFATA) Subaward Reporting System (FSRS).
Due to these noted deficiencies, we can expect that within the coming months there will likely be increased scrutiny by DoD contracting personnel on prime contractor compliance with the handling of subcontracting limitations and with first-tier subcontract award reporting requirements.
What is the impact? Why does this matter?
The deficiencies that were noted in the DoD IG report illustrate that the contracts may not have provided the intended benefit to the programs established to support socially and economically disadvantaged companies because adequate documentation did not exist to support contractors’ compliance with subcontracting limitations.
For active contracts, these findings can lead to questioned costs and significant fines and penalties for claimed costs over the permitted subcontracting threshold. According to 15 U.S.C 645, an entity that exceeds a limitation on subcontracting must be fined the greater of $500,000 or the dollar amount expended more than permitted levels on subcontractors. Cost could also be questioned as unsupported because the necessary documentation is not available at the time of request.
Finally, there is substantial False Claims Act liability that can be included as part of the overall contractor deficiency reporting process. This will require additional resources, such as legal cost, to defend and could lead to substantial contractual issues for future periods.
What can prime contractors do now?
Prime contractors should complete a thorough review of all active contracts where a subcontracting plan was required or has incurred subcontract cost to verify compliance with all required clauses. This review should include the process that is in place to verify that subcontract agreements include the proper flow down clauses to meet any mandatory or discretionary requirements. The onus is on the prime contractor to make sure that the subcontract terms and conditions are complied with.
For future compliance tracking, we believe contractors should:
- Develop procedures for documentation requirements for subcontracts including the actual subcontract award, justification for the subcontract award (including reasonableness determination), subcontract proposal (cost and narrative), submitted invoices, evidence of payment, and technical documents.
- Develop review procedures internally to ensure subcontractors are compliant with all prime clauses related to FAR 52.219-14 Limitations on Subcontracting. This would include making sure the subcontracting limitations are being met throughout the life of the contract.
- Develop procedures to ensure all reporting requirements are being met. This would include reporting first-tier subcontract awards in FSRS as required by FAR 52.204-10 Reporting Executive Compensation and First-Tier Subcontract Awards. (The audit report highlighted this as a deficiency. Therefore, we anticipate this area will be further evaluated and reviewed thoroughly.)
- Prepare well documented and thorough contract briefs, or equivalent documents that summarize key contractual requirements for use by project managers and back-office support. These briefs should be regularly maintained and communicated to ensure compliance with all applicable FAR clauses both at a prime and subcontract level.
The bottom line lesson to always keep in mind is that the federal government can only hold the prime contractor responsible for subcontract compliance and can never ask for support from any subcontractor.
Kean Reilly, CFE, Manager, Government Contracting practice
703.744.6731
Related Services
-
InsightGovernment contractor valuation tracker: H2 2022In this latest Government Contractor Valuation tracker, we share key valuation indicators to help GovCon management teams and investors keep track of industry valuation benchmarks and trends.
-
InsightSeeking federal funds for clean energy projects? Consider these factorsArthur Simonson, Richard Meene, Chase ClarkToday’s infrastructure funding opportunities for clean power projects bring tricky-to-navigate applications and compliance requirements. Read our overview.
-
InsightThe benefits of third-party audits of business systemsBryan Craig, John Doherty, Dan CarlsonGovernment contractors can use third-party auditors to perform business system audits and reap the benefits. Here’s how. Learn more.
-
On-demandUpdates and trends on COVID relief programs for Government ContractorsHear the latest developments and government contracting industry trends to stay one step ahead of your competition by understanding how COVID relief programs and audits may affect your operations.
-
InsightCMMC implementation likely shifting to 2024, but contractors should still prepare nowBhavesh Vadhani, Daryouche BehboudiRather than “kick the can,” defense contractors should take advantage of this additional time to further assess and strengthen their cybersecurity posture.