“Help! We received a letter from our ACO informing us that they will be conducting a Contractor Purchasing System Review (CPSR) three months from now – can you help us?” This is a scenario we hear all too frequently these days. As promised, DCMA has ramped-up their efforts to ensure contractors purchasing systems are being reviewed and assessed for adequacy.

Is this you? Have you received a CPSR Risk Assessment Form from your ACO? Did you accurately identify the government sales from which a purchasing review universe will be derived? Do you realize the review period will be for a 12 month period that has already happened? CPSRs are based on the past, not the future. Are you ready?

If not, don’t panic, you may still have time to make your purchasing system compliant. If you have been notified that a review will be occurring, are a first time auditee and are fairly certain you will have significant deficiencies and ultimately “fail”, we recommend you talk with your ACO.   It is not in their best interest for contractors to fail. We have been successful with several of our clients in having their first CPSR’s “pushed” out to a later review period (anywhere from a three month to one year extension). Discuss your company’s current state and planned changes to become compliant with the ACO.   Be specific in your intended plans of implementation as follows:

  • Development of policies and procedures;
  • Hiring or changes of personnel;
  • Engagement of outside expertise to assist with changes and implementation;
  • Implementation date (be specific and reasonable in time frame – remember they may delay the review, but prefer at least 6 – 8 months of data to sample)

What is the Purpose of CPSR?

The purpose of a CPSR is to determine if a contractor’s purchasing system and related internal controls comply with applicable laws and regulations, are effective over compliance with applicable laws and regulations, and are adequate and operating effectively. Contractors should evaluate their purchasing system by using the following regulations and DCMA guidance:

  • DFARS 252.244-7001 – Contractor Purchasing System Administration
  • FAR Subpart 44.3 – Contractor Purchasing System Reviews
  • DCMA Instruction 109 – Contractor Purchasing System Reviews (sets forth 24 system criteria)
  • DCMA Policies and Procedures Checklist
  • DCMA CPSR Guidebook

Typical Findings of DCMA CPSR Audits are as Follows:

  • Written policies and procedures do not adequately address an applicable FAR or DFARS requirements (e.g. policies do not exist for certain requirements or are poorly written);
  • Noncompliance with public laws, regulations and prime contract requirements.
  • Inadequate lead time;
  • Lack of competition, too many sole/single source and lack of adequate justifications;
  • Failure to adequately perform and/or document price analysis and source selection;
  • Inadequate FAR/DFARS flow-downs;
  • Inadequate representations and certifications package;
  • Failure to adequately conduct and document commercial item determinations;
  • Failure to obtain required certifications at time of award (e.g., TINA, CAS, suspension/debarment, limitation on use of appropriated funds);
  • Lack of documentation (PR, quotes, memos, price analysis, etc…)

CPSR is a business system review and is technically not contract specific.  However, if your contract has a CPSR requirement and your company sales to the government in the next 12 months is expected to be > $25 million or more (excluding competitively awarded Firm-Fixed Price (FFP) and sales of FAR Part 12 Commercial Items), a CPSR could be in your future. Regardless, as a prudent government contractor, your company has signed up to federal laws and regulations that include several requirements that lead to having a compliant purchasing system.

We recommend you don’t wait until the ACO and DCMA “come-a- knockin.”  It’s time to dust off those “old” policies and procedures (if there are any) and ensure they meet “today’s” requirements for CPSR. Review your company’s purchasing processes and modify where needed. There are many negative consequences as a result of failing a CPSR. The most important to a contractor is the “bottom-line”. Failure to pass a CPSR can result in a withholding or withdrawal of your company’s purchasing/subcontracting system. This would result in your company’s inability to issue a subcontract without first seeking written approval (Advanced Notification and Consent) from the ACO. This can cause:

  • Delays in deliveries and increase in overhead expenses.
  • Substandard prime contract performance and increased government oversight.
  • Loss of Revenue and delayed billings/collections.
  • Disqualification on competitive request for proposals.

Should you need assistance it’s better to contact an expert sooner rather than later. A qualified expert can walk you through the process and assist in ensuring the implementation of a compliant system.

Written by Redstone Team

About Redstone GCI

Redstone GCI is a consulting firm focused on fulfilling the needs of government contractors in all areas of compliance. With a singular mission to help contractors through the multiple layers of “red tape,” we allow contractors to focus on what they do best – support their mission with the U.S. Government. We are home to a group of consultants made up of GovCon industry professionals, CPAs, attorneys, and retired government audit and acquisition professionals.

Our focus and knowledge of audit and compliance functions administered by DCAA and DCMA will always be at the heart of what we do. However, for the past decade, we’ve strategically grown to support other areas of the government contractor back-office with that same level of focus and expertise. We’ve added expertise in contracts management, subcontract administration, proposal pricing, various software systems, HR and employment law, property administration, manufacturing, data analytics/reporting, Grant specialists, M&A, and many other areas. When we see a trend in the needs of contractors, we act to ensure we can provide the best expertise in the market to fulfill those needs.

One thing our clients can be certain of is that with the Redstone GCI Team in your corner, there is no problem too big and no issue too technical for our team to tackle.

Topics: Compliant Accounting Infrastructure, DFARS Business Systems, Contractor Purchasing System Review (CPSR)