Redstone Government Consulting Blog | DFARS Business Systems (11)

As a follow-up to our recent blog post, My CPA Audited My Financial Statements. Does That Mean My Accounting System is Adequate?  where we covered some differences between a financial statement audit and an adequate accounting system, we received several great questions from our readers.  We thought it might be beneficial to address them via a new blog post for the benefit of all our readers.  We welcome discussion on our blogs, though we do so in private via email.  In this case, though, these questions are ones we see frequently and impact all companies doing business with the U.S. Government.

Recently, there has been much discussion around comments made by Katie Arrington, the special assistant to the Assistant Secretary of Defense for Acquisition for Cyber in the Office of the Under Secretary of Acquisition and Sustainment in DoD.  She made the following statement before a roomful of vendors at the PSC meeting in Arlington, VA.

We have recently had to deal with issues related to DCAA applying DFARS business system rules in DFARS 252.242-7006 Accounting System Administration in its evaluation of small business client accounting systems. The DFARS business system rules were never intended to be applied to small businesses. Further, the limited resources of a small business make it very difficult for a small business to fully comply with all 18 of the specific criteria contained in the business system rules. DFARS 252.242-7005 regarding the applicability of the business system rules states:

Government furnished property can be a headache, even for the most seasoned contractor. It can include thousands of tiny parts, multi-million-dollar pieces of equipment or both – often all on one contract in an old dark government building. We have identified some common, and not-so-common, areas we see missing in contractor government property management plans.

It has been years since the contract period of performance has ended, DCAA has finally concluded their audit or review of your incurred cost proposal, and you have received the final indirect rate letter from DCAA. Now what? By design, the contract closeout process begins in earnest.   Typically, the Administrative Contracting Officer (ACO) is responsible for initiating administrative closeout of the contract after receiving evidence of its physical completion.

With a Presidential Memorandum halting all proposed federal regulations that have not yet taken effect and pausing the Department of Labor’s (DOL) appeal of the nationwide injunction on the overtime rule which would double the minimum salary for exempt status, we are curious how the new administration will impact employer responsibilities, particularly those of federal contractors. While we certainly hope for some respite, we won’t speculate on what might happen, and we continue to encourage employers to be diligent in compliance with those regulations which have recently taken effect as well as those that employers have been slow to tackle.

MMAS (Material Management and Accounting System reviews are a very complex undertaking for both the company involved and auditors assigned.  MMAS encompasses several areas, which by themselves can be difficult to grasp, but when combined into one overarching system can present issues often not encountered in other business system audits. DCAA auditors themselves usually do not have day-to-day exposure to most of the automated aspects of an MMAS such as with ERP systems, MRP, or grouping pegging and distribution. Through no fault of their own, the vast majority of auditors do not use or even understand the inner workings of these systems, do not use them in their review duties, and are not trained to properly address the various aspects of them. Sure, they may become exposed to them via the reviews of certain reports generated by ERP type systems, but in almost all cases, they do not understand the underlying computerized aspects of them. Most contractor personnel will have a more extensive knowledge of the various systems, but in actuality, most are only vaguely familiar with most areas other than the functional discipline they are assigned to.

In a report issued on July 26, 2016, the DOD- IG (Department of Defense Inspector General) concluded that DFAS (Defense Finance and Accounting Service) and the Department of the Army (Army General Fund or AGF) failed to support $4.44 Trillion in JV (Journal Voucher) Adjustments.   

On July 6, 2016, the DOE (Department of Energy) quietly withdrew its April 1, 2014 proposed rule, “Contractor Business Systems—Definition and Administration. The April 2014 proposed rule which defined five business systems was modeled after similar business systems requirements imposed upon DOD Contractors (DFARS 252.242-7005 along with six interrelated regulations pertaining to each of the six business systems noting that the five DOE systems excluded MMAS). Also in common with DOD, the statement or mantra, that “Contractor business systems and internal controls are the first line in defense against fraud, waste and abuse. That statement was excessively used by the Commission on Wartime Contracting, a Bi-Partisan Commission whose August 2011 248-page report concluded that at least $31 billion and possibly as much as $60 billion was wasted in Iraq & Afghanistan from 2002-2008 ($4.4B to $8.6B annually; by comparison, Government agencies estimate annual improper payments exceeding $100 billion in each year 2009-2015).   If one bothers to read the 248-page report, one would also surmise that most of the waste resulted from government failures which notably includes one singular failure, the lack of any accountability for $6.6B of a $9.1B cash shipment.

“A sound internal control environment, accounting framework, and organizational structure” is criteria number one in DFARS 252.242-7006 Accounting Systems. In fact, all six of the business systems identified in DFARS 252.242-7005 Contractor Business Systems, or commonly known as the “DFARS Business Systems Rule”, references adequate internal controls and the reliability of data. Even more far-reaching than DFARS is that FAR, adhered to by most, if not all US Federal Government agencies, requires adequate contractor internal controls over financial data relied upon for acquisitions. For the purposes of this blog, we shall focus primarily on the DFARS Business Systems Rule as it applies to defense contractors because of the activities of DCAA.