For those of you who may have thought there could be a silver lining to coronavirus restrictions from reduced audit effort, think again! Actual postponement of audits will be rare.
Section 880 of the National Defense Authorization Act (NDAA) included provisions restricting the use of the Lowest Price Technically Acceptable (LPTA) source selection criteria to only procurements where:
On December 18, 2018 the Administrative Judge, in ASBCA No. 61583, denied the contractor’s appeal and granted the Government’s request for summary judgement related to the contractor’s claim that it was entitled to a penalty waiver because the contractor did not demonstrate that it “had adequate policies, training, controls, and review systems, and that it inadvertently incorporated the [unallowable cost]” in its incurred cost proposals. This decision serves as a reminder of the importance of maintaining adequate policies and procedures.
We have recently had to deal with issues related to DCAA applying DFARS business system rules in DFARS 252.242-7006 Accounting System Administration in its evaluation of small business client accounting systems. The DFARS business system rules were never intended to be applied to small businesses. Further, the limited resources of a small business make it very difficult for a small business to fully comply with all 18 of the specific criteria contained in the business system rules. DFARS 252.242-7005 regarding the applicability of the business system rules states:
On April 12, 2016, the Department of Justice (DOJ) and the Federal Trade Commission (FTC) issued a joint statement explaining their standard of review under the antitrust statutes of proposed transactions (mergers, teaming agreements, and other joint business arrangements) acquisitions, within the defense industry. The DOJ and FTC are responsible for reviewing mergers in the defense industry under Section 7 of the Clayton Act, which prohibits mergers whose effect “may be substantially to lessen competition, or to tend to create a monopoly.”
Topics: Defense Contractors
Over the past few years, the Department of Energy (DoE) has, to the unpleasant surprise of some prime contractors, quietly been inserting contract clauses in all of their management and operating contracts and some non-management and operating contracts making prime contractors responsible for not only managing their subcontracts but also for auditing their subcontracts. More recently, the Inspector General has been conducting reviews of prime contractors for compliance with this requirement and contracting officers have been placing greater emphasis on enforcing the requirement.
For years, DCAA has promised Congress it would get current on its incurred cost backlog. For years, it has failed to deliver on that promise. Logically, you would have expected DCAA to address the quality of their audits (or lack thereof) and eliminate the inefficiencies caused by, among other issues, (i) failure to adequately assess risk, (ii) performance of unnecessary procedures due to fears of failing the internal quality control reviews, regardless of risk, (iii) inadequate understanding and misinterpretation of regulatory requirements, and (iv) failure to have sufficient communication with the contractor to understand the issues. Unfortunately, that has not been DCAA’s approach. Instead, DCAA chose to increase the thresholds for the incurred cost submissions selected for audit, write off millions in lieu of audit, and claim victory. That strategy failed once they ran out of low hanging fruit to write off and still needed to do actual audits.
DFARS 252.242-7006(c)(8) specifically requires management reviews or internal audits of the system to ensure compliance with the contractor’s established policies, procedures.
One of the first things a DCAA auditor looks at when auditing a contractor’s accounting system is its policies and procedures. Policies and procedures represent control activities that are essential for an adequate system of internal controls. Good policies and procedures help ensure consistent operations in accordance with management objectives. DCAA cites policy and procedure inadequacies or the failure to comply with policies and procedures in virtually every deficiency report it issues related to internal controls.
On November 12, 2014, the U.S. Government Accountability Office (GAO) issued its report on the results of its review of DCAA actions to comply with section 832 of the National Defense Authorization Act (NDAA) for Fiscal Year 2013, regarding requests for company internal audit reports. The purpose of the GAO review was to assess the extent DCAA’s revised guidance “(1) complied with the act, and whether selected requests for company internal audit reports were documented in accordance with requirements, and (2) contains safeguards to help ensure that companies’ internal audit reports are used only for authorized purposes.”