Are Representations (Reps) and Certifications (Certs) Required of Subcontractors?

If only the Government made this an easy answer. There are some representations and certifications that you need to get from your subcontractors. However, many in both industry and the Government think the requirement for “Reps and Certs” flows down in all cases.

What Does the FAR Say?

FAR 4.12, Representations and Certifications, provides that the scope of this section of the Federal Acquisition Regulations (FAR) requires “submission and maintenance of representations and certifications via the System for Award Management (SAM) to-

(a)  Eliminate the administrative burden for contractors of submitting the same information to various contracting offices;

(b)  Establish a common source for this information to procurement offices across the Government; and

(c)  Incorporate by reference the contractor’s representations and certifications in the awarded contract.”

No mention whatsoever of subcontracts, subcontractors, or the burden on higher-tier contractors.

What is Required of a Higher-Tier Contractor?

FAR 52.204-7, System for Award Management, and 52.204-8, Annual Representations and Certifications, provide guidance on the use and requirements for the SAM as well as representations and certifications. FAR 52.204-7 requires, in general, registration in SAM when purchases are greater than the micro-purchase threshold and the contractor is submitting an offer directly with the Federal Government (i.e., as a prime contractor). FAR 52.204-8 requires an extensive listing of annual representations and certifications for all purchases where the contractor is submitting an offer directly with the Federal Government (i.e., as a prime contractor) except those for commercial products and services. FAR 52.212-3, Offeror Representations and Certifications—Commercial Products and Commercial Services, provides annual representations and certifications for commercial products and services where the contractor is submitting an offer directly with the Federal Government (i.e., as a prime contractor). FAR 52.204-7, 52.204-8, nor 52.212-3 include a requirement for SAM registration or annual representations and certifications to be flowed down below the prime contract level.

Based on my review of the Defense Contract Management Agency (DCMA) CPSR Guidebook, the only representations and certifications required below the prime contract level, or at least, the only ones the CPSR teams check for, are:

• FAR 52.203-11, Certification and Disclosure Regarding Payments to Influence Certain Federal Transactions, and 203-12, Limitation on Payments to Influence Certain Federal Transactions, regarding certification and disclosure of payments to influence any person in connection with the awarding of any federal contract, are required in all purchases exceeding $150,000.
• FAR 52.209-6, Protecting the Government’s Interest When Subcontracting With Contractors Debarred, Suspended, Proposed for Debarment, or Voluntarily Excluded, related to ensuring debarred or suspended contractors (i.e., excluded parties) are properly excluded from subcontract award, required in all purchases exceeding $35,000 that are not for commercial off the shelf (COTS) products.
• FAR 52.215-12, Subcontractor Certified Cost or Pricing Data, and 215-13, Subcontractor Certified Cost or Pricing Data-Modifications, regarding certification of cost or pricing data when both the prime and subcontract are not exempt under FAR 15.403-1(b) and the dollar value exceeds $2M, the current truthful cost or pricing data threshold.
• FAR 52.219-8, Utilization of Small Business Concerns, and 219-9, Small Business Subcontracting Plan, regarding representation of the subcontractor as a specific type of small business per the criteria and size standards in 13 CFR part 121 to support development and reporting of small business planning.
• FAR 52.230-1, Cost Accounting Standards Notices and Certification, related to Cost Accounting Standards (CAS) notices and certification, regarding CAS coverage of your subcontracts.

A Couple of Quick Side Notes:

• Unique Entity Identifier: FAR 52.204-6, Unique Entity Identifier, and 204-12, Unique Entity Identifier Maintenance, contain no requirement to flow them down to subcontracts. Yet, FAR 52.204-10, Reporting Executive Compensation and First-Tier Subcontract Awards, under (d)(2)(i) requires the prime contractor to enter the “Unique Entity Identifier” of its first-tier subcontractors into SAM.gov (formally FSRS.gov). This creates a – let’s call it sneaky – way of requiring subcontractors to get and maintain a “Unique Entity Identifier.”
• DCMA CPSR Guidebook: Rumor has it that DCMA issued an updated guidebook in 2024, but does not plan on making it available to the public due to the incorporation of internal agency guidance.

What Do Most Higher-Tier Contractors Do?

I have found that most higher-tier contractors implement policies and procedures placing a similar onerous representations and certifications process on themselves as required of the contracting officers. All subcontractors are required to complete a lengthy list of representations and certifications or be registered in SAM.gov with current representations and certifications. This can significantly impact the number of companies willing to do business with you, especially those small businesses with limited resources to support the overwhelming number of representations and certifications.

What Should Higher-Tier Contractors Do?

As discussed above, the DCMA CPSR Guidebook significantly limits the expected number of representations and certifications. Higher-tier contractors should only address the DCMA CPSR Guidebook’s expected representations and certifications:

• FAR 52.203-11, Certification and Disclosure Regarding Payments to Influence Certain Federal Transactions, and 52.203-12, Limitation on Payments to Influence Certain Federal Transactions, get one certification at the time of awarding the subcontract.
• FAR 52.209-6, Protecting the Government’s Interest When Subcontracting With Contractors Debarred, Suspended, Proposed for Debarment, or Voluntarily Excluded, check the excluded parties listing when qualifying a new subcontractor, before sending out requests for quotes or requests for proposals, and include language (see below) in your subcontracts.
• FAR 52.215-12, Subcontractor Certified Cost or Pricing Data, and 52.215-13, Subcontractor Certified Cost or Pricing Data-Modifications, obtain truthful cost or pricing data certification only when required.
• FAR 52.219-8, Utilization of Small Business Concerns, and 52.219-9, Small Business Subcontracting Plan, obtain a representation from the subcontractor as to its small business type per the criteria and size standards in 13 CFR part 121. Per FAR 52.219-8(e), the higher-tier contractor can accept a subcontractor’s representation of its size and socioeconomic status unless the Contractor has reason to question the representation. The subcontractor cannot be required to register in SAM. Additionally, the higher-tier contractor must confirm that a subcontractor is a HUBZone small business concern by accessing SAM or by accessing DSBS. Not to worry, the higher-tier contractor “acting in good faith is not liable for misrepresentations made by its subcontractors.”
• FAR 52.230-1, Cost Accounting Standards Notices and Certification, related to Cost Accounting Standards (CAS) notices and certification, required only when the higher-tier contract or subcontract is CAS-covered.

The DCMA recommended language for debarment in subcontracts is: “By signing/acknowledging this subcontract/PO, you (subcontractor) hereby certify that you and/or any of your Principals -- are not presently debarred, suspended, proposed for debarment, or declared ineligible for the award of contracts by any Federal agency.”

Because of the joys of contracting with the Federal Government, this does not end your requirements. While you are not required to get representations and certifications from your subcontractor, you are required to ensure your subcontractors comply with the many flowdown requirements you will be passing to them. For example, FAR 52.204-21, Basic Safeguarding of Covered Contractor Information Systems, and DFARS 252.204-7012, Safeguarding Covered Defense Information and Cyber Incident Reporting, may be required should you have to provide covered information (i.e., controlled unclassified information – CUI) to your subcontractors. This includes subcontractors providing commercial products or services, except for COTS. These clauses require the subcontractor to implement basic safeguarding requirements and possibly NIST SP 800-171 security requirements. While a representation or certification is not required, you must educate potential subcontractors of the contractual requirement that will be placed on them. It is important to ensure your subcontractors understand all the contractual flowdown requirements they will have to comply with, which are numerous.

Best Practice: Have an annual training for your subcontractors to go over any new requirements and key requirements that can get you and them into hot water.

Expert Support for Navigating Government Contract Requirements

Redstone GCI works with contractors across the United States and internationally to help them understand government requirements and maintain an effective, compliant purchasing system. Our team assists with assessing compliance against DCMA CPSR requirements and expectations, updating and refining policies and procedures, and delivering targeted training for purchasing staff and subcontractors. We also support clients in resolving findings from government audits and reviews, helping to mitigate risk and maintain operational efficiency. Through our Contracts and Subcontracts services, we provide guidance that enables contractors to meet regulatory obligations, strengthen internal processes, and maintain readiness for oversight at every stage of the contract lifecycle.