Government Contracting 101

Government contractors usually find themselves appearing before the Government Accountability Office (GAO) on a bid protest for one of two reasons:  (1) you believe that the government erroneously did not award a contract to your business or (2) your business holds a contract award that is challenged by a disappointed offeror.  Either way, there is a contract on the line that likely means a great deal to you (and your business).

In the past, we’ve discussed strategies for filing protests – which includes considering the important question of whether the GAO is the proper venue for the protest.  We’ve also offered practical advice on winning bid protest arguments.

But, should you find yourself on the losing end of a bid protest decision (and at extreme risk of losing that important contract for good), the GAO offers a last resort – the Request for Reconsideration.

GAO Reconsideration is a bit of a misnomer, so it is helpful to first discuss it in terms of what it is not, before turning to what Reconsideration actually entails.

First, Reconsideration is not an appeal.  In fact, there is no true “appeal” at GAO.  While disappointed protesters still have the option of turning to litigation at the Court of Federal Claims, that is a separate and distinct process – a clean slate.

Reconsideration also is not a “do over” or second bite at the apple with the GAO.  Contractors should never hold back an argument at the GAO because it is an extremely streamlined process (100 days from protest to decision).  Arguments that are not well stated the first time cannot be revisited.

So, what is Reconsideration, exactly?

In a nutshell, GAO provides for Reconsideration where the protester can identify specific legal or factual errors in the decision denying the protest.  Repeating or restating the same arguments (and hoping for a different result) will not get it done.  Needless to say, it is a high standard – making for a low probability for success.

In a recent bid protest decision, GAO narrowed the opening for what protesters can argue on Reconsideration even further.

In connection with a Defense Logistics Agency diesel fuel services contract, the protester challenged the agency’s failure to set the procurement aside for performance by service-disabled veteran-owned small businesses.  GAO disagreed and dismissed the protest, concluding that the contracting officer performed reasonable market research.

The contractor sought Reconsideration, but was again denied.  GAO’s decision primarily relies on the most common rationale – the protester did not raise issues of fact or errors of law in the underlying opinion.  Thus, GAO classified the Request for Reconsideration as “mere disagreement” with the protest decision.

Importantly, GAO also rejected the protester’s argument that the agency failed to produce key documents needed to prosecute the protest.  There was, indeed, a dispute during the protest concerning whether certain key documents were protected source selection documents (and therefore not subject to disclosure) – but GAO classified that dispute as a protest matter, not a separate ground for Reconsideration of the decision on the merits.

While this is a post about Requests for Reconsideration at GAO – the takeaway for contractors should be focused more on bid protest procedure.  Reconsideration of an adverse protest decision is possible – but rare.

Contractors should focus on strategy in advance and think about how to frame the best argument (leaving nothing in reserve).  Moreover, if there is a dispute (like the battle for responsive documents in this case), contractors should take affirmative steps to protect their interests before a decision is handed down.  By the time Reconsideration rolls around, its likely too late.

Join me on Thursday, August 24, 2017 for lunch (11:30 am to 1:30 pm) and learn about the Small Business Administration’s All Small Mentor Protégé Program. The event is sponsored by Design-Build Institute of American Mid-Atlantic and will be held at Maggiano’s in Tysons Corner.

For months, we poured over the proposed and final rules – speculating about how the Program would look and operate.  Now it is here.  With the SBA accepting and processing applications at a healthy clip, there is no better time than the present to get up to speed.

During the event, we will walk through the basics of the All-Small Program, including the application and approval process.  We will also talk about big picture issues, including the Program’s general shield against affiliation and the most important questions for contractors (both large and small) considering taking the leap.

The event will also offer insights for contractors that have already investigated the Program.  For example, we will discuss the newly published requirements for mentor-protégé agreements and joint venture agreements formed between Program participants.  Careful consideration of the issues captured in these agreements can make the difference between a successful partnership . . . and the undesirable alternatives.

I hope that you can join us on the 24th.  I am happy to chat after the presentation about any specific questions facing your business.  If you can’t make the event, you can always contact me here to discuss your questions.

This Thursday, June 29 (1:00 – 2:30 EST), I will be hosting a webinar to discuss document retention requirements for government contractors.

Implementing corporate document retention policies is an essential business practice for two reasons:

First, there is a legal duty for contractors to comply with contractual document retention requirements.  If the government requests to inspect your company’s records (for example, as part of a DCAA audit) and they are not available, it opens the door to some serious negative consequences (like False Claims Act allegations).

Second, proper document management is essential to supporting claims for time and costs against the government.  If a contractor fails to maintain its records for the specified period, the contracting officer can disallow all or part of the claimed cost that is not adequately supported.  In other words, failed document retention polices can have a real world impact on your business’s bottom line.

During the webinar, I’ll cover the basics of document retention – plus how it impacts more nuanced topics like electronic transfers and storage, the Freedom of Information Act, and the new hot-button issue – Cybersecurity.

Finally, the webinar will cover best practices for document retention under the FAR.  Specifically, I’ll discuss how a contractor can utilize a FAR 52.203-13 Code of Business Ethics and Conduct to not only master document retention practice – but also to implement an overall culture of compliance.

If you are unable to attend the webinar, please feel free to contact me.  I’ll be happy to share the information – or discuss any specific issues facing your business.

 

Earlier this month, we had the pleasure of opening the 2017 Associated General Contractors of America Federal Contractor Conference in Washington, DC with a presentation focused on the emerging issue of Cybersecurity in Federal contracting.  Data breaches are big news in the private sector, but the issue has remained somewhat under the radar for public contracts – until now.

New rules and regulations (with the imminent promise of more on the way) are setting the stage for Cybersecurity to be the next big government enforcement target under the Civil False Claims Act (which the Department of Justice used to claw back $4.7 Billion in recoveries from Federal contractors in FY 2016 alone).

The New Cybersecurity FAR Clause

A Final Rule published by the Department of Defense, NASA, and the General Services Administration in 2016 created a new Federal Acquisition Regulation subpart (4.19) and contract clause (52.204-21) that deal exclusively with Cybersecurity.

The Regulation broadly applies to “covered contractor information systems” that process, store, or transmit “Federal contract information.”  These terms are interpreted expansively to cover any information provided by or transmitted to the Federal government in connection with contract performance.  In other words, if the new clause is not included in your Federal contracts yet, it soon will be.

The Regulation imposes 15 “basic” security controls for contractors.  The controls are intended to impose minimum safeguarding measures that the government believes any responsible contractor should have in place as part of the cost of doing business.  A complete list of the security controls is available here.

The DFARS Cybersecurity Clause

Compliance with FAR clause 52.204-21 should be viewed by contractors as a baseline Cybersecurity requirement – but it does not take the place of other, more complex requirements.

For example, DoD contractors must comply with DFARS 252.204-7012 (Safeguarding Covered Defense Information & Cyber Incident Reporting).  The DFARS clause is more far-reaching than the FAR clause, and includes investigation and rapid reporting requirements for breach incidents.  It also requires compliance with NIST 800-171 (Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations) by no later than December 31, 2017.

Other requirements related to the handling of Classified and Controlled Unclassified Information also remain in place.  And we fully expect more (and more demanding) Cybersecurity requirements to be published by the government in the coming months and years.

The Contractor’s Guide to Cybersecurity Compliance

For Federal contractors, the future is now.

Cybersecurity requirements will soon be included in almost every Federal contract, so the only question is how to achieve and maintain compliance.

The good news is that compliance with FAR 52.204-21 is a great first step.  Again, the government considers the Regulation to be a basic safeguarding requirement that every responsible contractor should have in place.  If your business does not have at least those 15 security controls covered right now, it is time to figure out why.

To track and maintain compliance with expanding requirements, we also recommend making Cybersecurity part of your Federal Business Ethics and Compliance Program.

All Federal contractors have (or should have) a written Contractor Code of Business Ethics and Conduct.  The Code should be a living document that your business routinely updates and uses in connection with internal audits and employee training.

By adding Cybersecurity to your Ethics Program and written Code, you are ensuring that it becomes a part of your company’s culture.  You are also increasing the likelihood that Cybersecurity breaches, or other instances of non-compliance, are identified by your Internal Control System – not by the government.

Cybersecurity is an emerging, complex subject – but that does not mean that the government will relax its enforcement efforts while your business gets up to speed.  In fact, we think the opposite is true.  Contractors that do not make Cybersecurity compliance a priority now will be behind the power curve and are more likely to face harsh consequences (including False Claims Act allegations, suspension, or debarment) later down the road.

 

The contractual duty of “good faith and fair dealing” is well established in private contracts.  Depending on your jurisdiction, there is very likely either a formal or an informal rule that parties to a contract must deal with each other honestly and in good faith.  This is (usually) not a written contract term – rather, the duty is implied automatically in order to reinforce the parties’ intent when entering into the agreement.

But, did you know that the same kind of duty exists in public contracts – and runs as a two-way street between contractors and the Federal government?  It is true.  And it can help your business in the pursuit of time or damages from the government as part of an REA or Claim.

Contract

Implicit in every government contract is the duty for the government to treat the contractor fairly and act in good faith.  Courts discussing this duty place both affirmative and negative obligations on the government.  In other words, the government (1) must take active steps to enable the contractor’s performance and (2) must not willfully or negligently interfere with said performance.

Allegations concerning a breach of the duty of good faith and fair dealing can arise in almost any contractual context.  For example, it is very common to see such claims in the context of delay and disruption claims.  The contractor seeks direction or guidance from the government on how to proceed with certain contract performance details – but the response from the government is delayed, unhelpful, or does not come at all.

A recent Court of Federal Claims decision also advises that contractors can proceed with fairly broad allegations concerning the government’s breach of good faith and fair dealing as part of an appeal.  Specifically, in response to a motion to dismiss by the government, the Court ruled that a such a claim does not need to be tied to a specific contractual obligation in order to demonstrate a violation.

The decision is a win for contractors because it recognizes that contract performance does not take place within a vacuum.  Even if there is no toehold to assert a breach tied to a specific obligation, the duty of good faith and fair dealing exists to ensure that the “reasonable expectations of the parties are respected” by both sides.

Contractors dealing with the government at almost any stage of contract performance would do well to give serious thought to the duty of good faith and fair dealing.  While it is a “big picture” concept, it can have very real implications when a dispute arises – including a meaningful impact on recoveries for claims and appeals.

I’d like to you invite you to join Fox’s Government Contracts team of Reggie Jones, Doug Hibshman and Nick Solosky at the upcoming 2017 Associated General Contractors of American Federal Contractor Conference in Washington, DC.

We will lead a presentation and discussion entitled “Updated Federal Regulations Contractors Must Know – Cyber Security, Ethics & Compliance, SBA All-Small Program & More,” from 3:30 to 5:30 p.m. on Monday, May 1, 2017.

cropped-favicon

The presentation will offer insights into the new cybersecurity requirements facing federal contractors – including unpacking the FAR and DFARS cybersecurity clauses and the steps that contractors need to get to get (and stay) compliant.  Cybersecurity is a cutting edge issue, but failing to stay ahead of the curve could land contractors in hot water.

In addition to cybersecurity, we’ll also be detailing the hot button government contracting issues of 2017.  For example, we’ll outline what all contractors – both large and small – need to know about the SBA’s “All Small” Mentor-Protégé Program (and how it could open the door to new business development opportunities for contractors).  We’ll also pull straight from the headlines by covering the new administration and the President’s “Buy American, Hire American” initiative.

If you’re unable to make it to DC or attend the presentation in person, we can still discuss cybersecurity or any other Federal contracting regulations with you.  Please feel free to contact us for more details.

One of the primary risks facing construction contractors is subsurface or unexpected physical conditions discovered after the work begins (commonly known as a Differing Site Condition).  When such conditions are encountered on a federal government project, contractors need to: (1) properly document the condition, (2) notify the government, and (3) preserve the right to bring a Request for Equitable Adjustment or Certified Claim.

Typically, any Differing Site Condition inquiry begins at Federal Acquisition Regulation 52.236-2.  The regulation defines a Type I differing site condition as a subsurface or latent physical condition at the site that differs materially from those indicated in the contract.  A Type II condition is defined as an unknown condition, unusual in nature, that differs materially from the conditions ordinarily encountered or typically expected of the work provided in the contract.

These definitions seem straightforward – either the conditions encountered align with the contract, or they do not.  However, contractors should not take documenting or proving Differing Site Conditions lightly.  There is still much room for disagreement.

One area where contractors and the government commonly diverge is whether the disputed site conditions were “reasonably foreseeable.”  That is, should the contractor have anticipated the conditions based on all of the information available to the contractor when it bid the project.

This particular issue was recently litigated before the Armed Services Board of Contract Appeals (ASBCA) in a dispute over an Army Aviation Support Facility construction contract.  In a nutshell, the contractor and the government disagreed about whether the soft, saturated soils encountered during excavation for the project constituted a Type I Differing Site Condition.

In discussing the issue of reasonable foreseeability, the Board specifically considered the government’s claim that the contractor had access to the site (during a pre-bid site visit) and, therefore, the ability to discover the condition.  The Board disagreed.  The site visit included a visual inspection only – no invasive investigation was permitted.  While Type I Differing Site Conditions do not literally need to be below ground, that made a difference in this case.

The ASBCA concluded that the contractor proved – by a preponderance of the evidence – that the soil conditions at the site were unsuitable for construction.  As a result, it awarded the contractor damages associated with the unexpected soil remediation costs.

Thinking specifically about Type I Differing Site Conditions, contractors should keep the following elements in mind:

  • Is the condition encountered materially different from that indicated in the contract?
  • Is the condition encountered reasonably unforeseeable based on the information provided by the government at the time of bidding
  • Did your firm reasonably interpret the contract and the related documents provided by the government? and
  • Did your firm incur actual damages due to the difference between the expected condition and the condition actually encountered?

If you can answer all of these questions in the affirmative, then your firm is likely entitled to an upward contract adjustment from the government.

Government contractors responding to RFPs understand the need to read the fine print.

Mostly commonly, we discuss this topic in terms of pure proposal acceptability.  Protest decisions from the GAO and Court of Federal Claims make it abundantly clear that the burden falls on the contractor to follow directions and include all of the required information in all of the right places.  It is for that reason (among others) that we always recommend having an outsider (be it a consultant, a lawyer, or even just another person from your company not involved in preparing the proposal) do a quality check before a proposal is submitted.

A more nuanced issue – but just as important – is understanding the RFP’s evaluation scheme.  That is, not only what information must be submitted, but how that information will be weighed and measured by the Agency.

For example, in the past, we’ve looked at low-price technically acceptable (LPTA) RFPs.  The basic idea on an LPTA procurement is that a contractor need only achieve a minimum passing score on its technical proposal – the Agency will not give bonus points for added bells and whistles.  The much more important part of an LPTA proposal is price. Among those offerors found to be technically acceptable, the award goes to the offeror with the lowest submitted price.  So, the focus on an LPTA proposal should be on getting lean (while maintaining technical acceptability) so that you can get as low as possible (or practical) on price.

But what about Best Value RFPs?  There, the game changes dramatically.  The Agency is not looking just at technical ability or price – but how the two interact in order to maximize the benefit to the government. The award may be made to a higher-priced offeror, but only if that higher price is justified by a proper tradeoff analysis.  Stated differently, is the contractor’s higher price justified by greater technical skill?

Here is a nice, short summary from a recent GAO decision outlining government’s rights and responsibilities under a Best Value RFP:

[Agencies] have discretion to make award to a concern that has submitted a higher-priced, technically superior offer.  An agency’s decision is governed only by the test of rationality and consistency with the solicitation’s stated evaluation criteria.  Source selection decisions must be documented, and must include the rationale for any business judgments and tradeoffs made or relied upon by the source selection authority, but there is no need for extensive documentation of every consideration factored into a tradeoff decision.  Rather, the documentation need only be sufficient to establish that the agency was aware of the relative merits and costs of the competing proposals and that the source selection was reasonably based.

So, what is the BEST approach for Best Value competitions?

Maximize Technical Skill.  Unlike LPTA (where the proverbial C- or D+ proposal could get the award), the key is to go for the A+.  Play to your strengths and show the Agency that your firm is not only capable – but highly skilled and able to deliver the best service.

In maximizing technical skill, you’ll look to add those bells and whistles that show off your firm’s capabilities.  But remember, this isn’t just a talent show.

Keep Price in Mind.  This is where things start to get tricky.  While you’ll want to maximize technical skill and performance, price must always be a touchstone.  In order to accept a higher price, the Agency must be able to document (as part of its Best Value Tradeoff Analysis) that the higher price is justified by demonstrated technical superiority.

The Best Value combination of technical aptitude and price is particularly important for contracts involving complex, multi-disciplinary services because it gives the government the option of accepting a higher price in exchange for better odds of successful future performance.  But what if the Agency gets the formula wrong?  Fortunately, the GAO and Court of Federal Claims have recognized a number of avenues for challenging the Agency’s Best Value Trade Off.

Protesting Best Value Awards.  Bid protests of Best Value award decisions generally fall into one of two buckets: (1) The Agency overvalued the technical aspects of the awardee’s proposal (when a lower-priced offeror that believes that it is on par with the technical skill of the offeror) or (2) The Agency failed to recognize the technical superiority of a proposal (when a higher-priced offeror loses out to a lower-priced and allegedly less skilled awardee).

When properly supported, these allegations will put the Agency’s Best Value Tradeoff Decision under the microscope and open the door for the more skilled and/or lower-priced protester to make its case.

Small business owners must always be mindful of what it means to be “small” in the world of government contracting.  After all, losing that small business size status means losing direct access to the lucrative world of set-aside contracts and the SBA’s socio-economic programs.

In the past, we’ve discussed the SBA’s rules on affiliation – in short, the rules that determine whether you actually own and control your small business.  A finding of affiliation between two companies means that the firms are viewed by the SBA as a single entity for purposes of determining size.  Even a very small business can lose its size status if it is affiliated with another company (or multiple companies) that push it over the size threshold.

49949741 - connected group concept as many different ropes tied and linked together as an unbreakable chain as a community trust and faith metaphor for dependence and reliance on trusted partners for team and teamwork support and strength.

In addition to paying attention to active connections that could lead to a finding of affiliation, a recent SBA opinion reminds us that small business owners also need to avoid ostensible contractor affiliation (a current hot topic at the SBA and the reason behind many affiliation determinations).

In a nutshell, ostensible contractor affiliation occurs when a small business holds a prime contract – but a subcontractor hired for the job actually ends up controlling the work.  Specifically, the SBA targets instances where the subcontractor (and not the small business prime) performs the primary and vital work of the contract.  Affiliation can also arise under the ostensible subcontractor rule if the small business is unusually reliant on its subcontractor.

Take, for example, the SBA’s recent holding.  A small business was awarded an Army contract for waste management services.  In its proposal, the small business committed to performing all contract management services, including operations, customer service, and billing.  However, it subcontracted out to another business the work of diversion, disposal, and management of solid waste.  The SBA determined those waste management services to be the essential requirements of the contract and, therefore, found affiliation under the ostensible contractor rule.

As in all cases of affiliation, the finding had damaging effects, as the original contract awardee now exceeded the size standard of a small business and lost the contract.

This case should lead us to a practical question:  How do I avoid becoming affiliated under the ostensible subcontractor rule?  Fortunately, there are quite a lot of steps that you can take:

  • Focus on the kinds of work and the percentage of prime contractor performance.  In our sample case, it is not too controversial to suggest that waste management services are “primary and vital” to a waste management contract.  However, for other contracts, the essential work that should be performed by the small business prime contractor might not be as obvious.  In all cases, take the time in advance to think about the primary services being performed and whether the prime contractor is performing a reasonable percentage of that work (in addition to the required percentage of self-performance under the SBA’s limitation on subcontracting).  If the subcontractor is performing most or all of the heavy lifting, it is a warning that you might have an ostensible subcontractor problem.
  • Preparation, Preparation, Preparation.  From the outset, your proposal should give the appearance that the small business prime contractor is in control – even if it is already working with a proposed subcontractor.  Adhering to traditional prime and subcontractor roles (rather than approaching from the position of a partnership) can enhance the appearance that the small business is controlling the essential work of the contract.
  • Show Them the Money.  One of the hallmarks of ostensible contractor relationships is profit sharing.  Any non-traditional method of payment will suggest a lack of control to the SBA.  If you hold a prime contract and affiliation is a concern, you should pay your subcontractors like traditional subs.

Like so many issues when it comes to the SBA and affiliation, the ostensible contractor rule exists on a sliding scale.  There is no cure-all for avoiding affiliation, and the SBA will look to multiple factors in weighing the “totality of the circumstances.”

With that in mind, affiliation should always be at the top of your list.  Once a proposal is submitted, it is very difficult to un-tangle the prime and sub relationship.  The focus should be on preparing a proposal that places the small business prime firmly in control and includes proactive measures to ensure sufficient performance of the primary and vital work for the contract.

As I’ve covered extensively on this blog, the U.S. government is conducting a wide-spread and on-going crackdown on contracting fraud.  Under the Civil False Claims Act alone, the government clawed back $3.5 billion in 2015.  And 2016 is poised to be another banner year.

One of the hot topics in fraud prevention of late is small business contracting fraud.  The government is investing heavily in making sure that there are optimum opportunities for small businesses to receive federal contracting dollars (for example, through small business set-aside contracts and socio-economic contracting programs).  IG offices are on alert to make sure that those contracting dollars actually reach small and disadvantaged business owners.

Recently in the news is the latest example of a contractor paying hefty penalties in connection with a small business contracting scam.  This time, the government revealed that a small business and a large business colluded to obtain over $70 million in small business set-aside contracts, but (illegally) have the large business perform all of the work on the contracts.

All federal contractors need to be aware of the uptick in fraud investigations – but they should not be lulled to sleep by this latest example.  This case was an easy one for the government – what I like to refer to as “old school fraud.”  The guilty parties acted intentionally with the hope of beating the system and making an easy dollar for as long as possible.

Fortunately (or unfortunately), these kinds of cases are the exception, not the rule.  My experience shows that most contractors investigated for fraud are far less culpable than this extreme example.  In fact, I’ve seen plenty of fraud cases based on a failure to know the rules – which is particularly troubling given how fast those rules are changing today’s environment.  Contractors are also facing fraud investigations based mistakes made by lower level employees – not the top brass.

So how do you avoid getting caught up in the IG’s net?  There are a few simple steps your business should be following right now to create what I call a Culture of Compliance:

  • Implement a Contractor Code of Business Ethics and Conduct (even if you are not technically required to have one under FAR 52.203-13)
  • Establish a Business Ethics Awareness and Compliance Program (including regular employee trainings and updates)
  • Establish an Internal Control System (to monitor for and catch issues before they arise); and
  • Inform the IG Office of “Credible Evidence” of any Violation (and know what “credible evidence” really means before you do).

By taking these steps, your employees will be much less likely to commit mistakes rising to the level of fraud – and will be in a much better position to interface with the government in the event an investigation takes place.