Redstone Government Consulting Blog | Lynne Nalley, CPA (4)

Contractors are required to keep their System of Award Management (SAM) registration up to date. FAR 52.204-7(b)(1) requires an offeror to be registered in the System of Award Management (SAM) when submitting an offer/quote, registered until the time of award, during performance, and through final payment. Sounds pretty easy. However, contractors are not always registering or updating their registration, resulting in ineligible awards, as noted in recent court cases (See our blog: SAM Registrations: Check Often and Never Let it Lapse!).

My company only sells to the Government so my products/services can’t be commercial. Truth or Myth. This is a myth. If you are selling products/services under FAR 15 based contracts or subcontracts, submitting certified cost and pricing data and documenting other accounting and purchasing requirements that come along with it, when the products/services technically meet the definition of commercial under the FAR – it may be time to rethink your approach.

Most contractors that have contracts/subcontracts subject to full CAS coverage will eventually want to make a change to a cost accounting practice because there is a “better” allocation method or a change is required to remain in compliance with CAS.

Since the Department of Justice (DOJ) started promoting its initiative on Cyber Security reporting there have been several settlements related to cyber security noncompliance, four of which involve defense contractors.

Suppose your company is working on a grant or cooperative agreement or planning to submit a proposal in response to a funding opportunity announcement. In that case, the regulations that apply will be Code of Federal Regulations (CFR) Title 2 Grants and Agreements. The problem is, when you receive a grant, generally, the award agreement says to comply with 2 CFR. There are no specific clauses or wording; basically, you are responsible for reading the entire regulation to see what applies to your award. 2 CFR includes inconsistent language and terms.

The FAR Council submitted a proposed rule amending FAR subparts, provisions, and clauses on October 3, 2023, to implement an Executive order on cyber threats, incident reporting, and information sharing for Federal contracts. This revision is being made to strengthen and standardize contractual requirements for cybersecurity across Federal agencies. The proposed rule also implements OMB Memorandum M-21-07 Completing the Transition to internet Protocol Version 6 (IPv6), dated November 19, 2020.

The FAR Council published an interim rule effective June 2, 2023, that bans TikTok on contractor and contractor employee electronic devices that are used in the performance of federal contracts.

In our article, Understanding your Lower-Tier Relationships with Subrecipient and Contractor Determinations under 2 CFR 200, we addressed the required determination as to whether the lower-tier organization supporting your Awards or Subawards are classified as subrecipients or contractors. Now that the determination is made and documented is that all that needs to be done? Well no.

On June 9, 2023, the Office of Management and Budget (OMB) issued M-23-16, Update to Memorandum M-22-18, providing an extension to the deadline for software developers to submit attestation forms to Federal agencies.

On April 27, 2023, The Cybersecurity and Infrastructure Security Agency (CISA) of The Department of Homeland Security (DHS) published a draft Secure Software Development Attestation Form. Software producers that sell to the government will be required to complete the self-attestation form to attest that the software they produce was developed in conformity with specified secure development practices.