On June 25, 2015, Partner John C. Horan testified in front of the U.S. House of Representatives Committee on Small Business, Subcommittee on Contracting and Workforce regarding GSA’s proposed rule that would require contractors to electronically report the price the federal government paid for an item or service bought through the GSA Federal Supply Schedule and other GSA government-wide contract vehicles. The controversial rule, which was published on March 4, 2015, has received a great deal of opposition not only by industry, but also by the GSA Inspector General. Mr. Horan testified that the proposed rule is problematic for contractors – particularly small business contractors – for the following reasons: (1) the rule creates a significant and unnecessary reporting burden on these contractors; and (2) the rule is subject to misuse that could result in considerable harm. Additionally, there is no evidence that the transactional data will improve GSA’s ability to purchase items on a more cost-effective basis. Read more from Mr. Horan’s testimony here: Horan Committee on Small BusinessTestimony
On Monday, June 22, the United States Supreme Court decided it would hear arguments in the dispute over whether the Department of Veterans Affairs’ set-aside restricting competition to veteran-owned small businesses is mandatory. The case is Kingdomware Technologies, Inc. v. United States.
The case was filed by a service-disabled veteran-owned small business (SDVOSB). The business, Kingdomware, originally filed multiple bid protests with the Government Accountability Office (GAO) over the Department of Veteran Affairs’ (VA) failure to apply the so-called “Rule of Two” on Federal Supply Schedule (FSS) procurements. The GAO sustained Kingdomware’s protests but the VA refused to comply with GAO’s recommendation.1
Following the VA’s refusal, Kingdomware brought an action in the Court of Federal Claims. The Court of Federal Claims granted summary judgment to the VA. Kingdomware then appealed to the Court of Appeals for the Federal Circuit (Federal Circuit). The Federal Circuit affirmed the Court of Federal Claims’ decision, taking up the VA’s position over a vigorous dissent.
The principal dispute is over the meaning of the word “shall” in Congress’ legislative mandate that the VA use a “rule of two” in procurements when it decides whether to award contracts to veteran-owned small businesses. The law—the Veterans Benefits, Health Care, and Information Technology Act of 2006—provides that VA contracting officers “shall award” contracts on the basis of competition restricted to small businesses owned by veterans whenever there is a “reasonable expectation” that two or more such businesses will bid for the contract at “a fair and reasonable price that offers best value to the United States.” 38 U.S.C. § 8127(d).
Kingdomware’s argument is that the law gives the VA no discretion and that the VA must conduct market research, and if there are at least two eligible firms, then it must pick the firm that can perform the contract at a fair and reasonable price. The VA’s interpretation of the law is that the word “shall” only applies to the achievement of goals set regarding levels of awards to veteran-owned small businesses and argues that the VA has regularly met these goals.
The case will be argued in the Supreme Court’s October 2015 Term, which commences on September 28, 2015. This is the only government contracts case currently scheduled during this term. We will continue to monitor these developments and will report back here with updates.
1Matter of Kingdomware Techs., 2012 WL 1942256, at *2 (Comp. Gen. May 30, 2012).
Since the acquisition reforms of the 1990s—i.e., the Federal Acquisition Streamlining Act, the Federal Acquisition Reform Act, and Clinger-Cohen—the federal government’s oversight and audit communities have periodically criticized the perceived manipulation and abuse of commercial item status. The claim is that contracting officers too often incorrectly determine something is a commercial item or fail to adequately justify the prices paid are fair and reasonable, the latter being most recently reflected in a series of DODIG reports on certain spare parts acquisitions.
In reaction to this type of criticism, commercial item acquisitions are facing increasing scrutiny and the potential for regulatory and legislative changes. Presently, these changes come in the form of policy initiatives and guidance out of DOD as well as certain proposals being exchanged between the United States Senate and House of Representatives relating to the National Defense Authorization Act (NDAA) for Fiscal Year (FY) 2016.
Developments to watch for in the coming months include DFARS Case No. 2013-D034. When issued, this DFARS rule will implement Section 831 from the 2013 NDAA, which directed the Office of the Under Secretary of Defense for Acquisition, Technology and Logistics to issue guidance on DOD pricing policy regarding evaluating price reasonableness for commercial items.
In the meantime, on February 4, 2015, the Office of Defense Pricing issued a memorandum partially addressing Section 831. In that memorandum, the Director of Defense Pricing stated the commercial item determinations (“CIDs”), generally, should be completed within 10 business days. Regardless of that determination, however, the key question that contracting officers must answer is, “Am I paying a fair and reasonable price?” To aid contracting officers in that inquiry, DOD is establishing centers of excellence and a cadre of personnel with a particular focus on these issues.
Additionally, under Better Buying Power (BBP) 3.0, the Office of Defense Pricing has further indicated that it will issue a legislative proposal to revise the definition of the term “commercial item,” potentially eliminating items and services which are merely offered for sale, lease, or license. This change could narrow the current definition of “commercial item” in ways similar to a 2012 DOD legislative proposal that was, at that time, unsuccessful. While such a change is specifically called for in BBP 3.0, it is seemingly at odds with one of the overall goals of BBP 3.0: removing barriers to commercial technology utilization. These changes are expected by September 2015.
Moving from regulatory and policy changes, there are potential legislative changes relating to commercial items that appear to run contrary to the trend coming out of DOD. Specifically, both the Senate and House bills would confirm the ability of contracting officers and contractors to look to and rely upon prior CIDs. In our experience, contracting officers have recently been reluctant to utilize prior CIDs, preferring to revisit the threshold question of commercial item status.
Below we briefly identify the current Senate and House sections in the 2016 NDAA relating to commercial items that are under consideration.
- Section 863 would permit contracting officers to presume that prior commercial item determinations are valid for subsequent procurements of the same commercial item, paralleling H.R. 1735 Section 804, discussed below.
- Section 862 would require that DoD issue guidance to ensure full compliance with 10 U.S.C. § 2377. At a minimum, the guidance must: (1) provide that the head of an agency may not enter into a contract in excess of the simplified acquisition threshold for information technology products or services that are not commercial items unless the head of the agency determines in writing that no commercial items are suitable to meet the agency’s needs based on market research as provided in 10 U.S.C. § 2377(c)(2); and (2) ensure that such market research is used, where appropriate, to inform price reasonableness determinations.
- Section 804 would require that DOD establish and maintain a centralized capability with the requisite necessary expertise and resources to oversee the making of commercial item determinations.
- Permit contracting officers to presume that prior commercial item determinations, made by a military department or DoD agency, are valid for subsequent procurements of the same commercial item.
- Provide public access to DoD commercial item determinations for the purposes of DoD procurements.
Despite the passage of 20 years since the commercial item reforms of the mid-1990s, the federal government is not yet satisfied with the balance between streamlined acquisition that ensures access to cutting-edge technologies on the one hand, and detailed cost insight and analysis and all the regulatory burden that comes with it on the other. We will continue to monitor these developments and will report back here with updates.
The Department of Defense (DoD) issued an interim rule Tuesday amending DFARS 225.7303-2 to instruct contracting officers to accept all indirect offset costs imposed in Foreign Military Sales (FMS) acquisitions as reasonable without performing a cost reasonableness analysis. This new rule should reduce transaction costs for contractors, as it removes some DoD oversight from FMS offset agreements and, therefore, obviates the need for data calls and other effort that contractors provide as support for the contracting officer’s reasonableness evaluation.
Many governments require foreign defense contractors to “offset” the value of a procurement through any number of transactions intended to turn at least some of that value back around to benefit domestic economic activity. These transactions may directly support the overall defense project, or they may be “indirect offsets” wholly unrelated to the underlying procurement. Though the United States does not impose offset requirements in its own contracts, it allows foreign nations to request through the FMS program both direct and indirect offset requirements by including them in the FMS Letter of Offer and Acceptance (LOA) and related DoD contract.
Until now, U.S. contracting officers were required by FAR parts 15 and 31 to determine price reasonableness regarding all aspects of FMS contracts, including indirect offset costs. Recognizing that these contracting officers have little or no insight into the pricing of indirect offsets – which are negotiated directly between the contractor and the foreign government – the interim rule eliminates this price reasonableness determination. Now, contracting officers are to deem reasonable “all offset costs that involve benefits provided by the U.S. defense contractor to the FMS customer that are unrelated to the item being purchased under the LOA,” so long as the contractor submits a signed offset agreement or other documentation showing that an indirect offset of a certain dollar value is a condition of the FMS acquisition. Contractors must remember that the interim rule applies only to indirect offsets, and contracting officers will continue to scrutinize direct offset costs for reasonableness in accordance with FAR part 31.
Sparked by a “recent and foreseeable trend” of increasingly complex indirect offsets desired by FMS customers, this rule will go into effect immediately to “allow DoD contracting officers to finalize pending negotiations for FMS contracts to support U.S. allies and partners, and maintain bilateral relationships.” However, the Defense Acquisition Regulations System is accepting comments until August 3, 2015 before issuing a final rule.
Proposed Measure Would Add New Categories and Licensing Requirements; Move Some Items From Encryption Controls to New ECCNs
Amid a flurry of reports about someone claiming to have hacked a passenger plane through its entertainment system, BIS has issued an uncannily well-timed proposed rule (available here) that would control certain cybersecurity items. The new rule implements certain 2013 changes to the Wassenaar Arrangement. There is a comment period ending July 20. Companies whose products and services may be affected by this proposed rule should review it carefully and consider whether comments would be appropriate.
Broadly speaking, the proposed rule would do the following:
- Create new ECCNs (4A005, 4D004) and amend others (4D001 and 4E001) to control several items, software and technology relating to “intrusion software” (a new defined term – see below). Specifically, the new ECCNs would control items and software specially designed for the generation, operation or delivery of, or communication with, “intrusion software.” The revised ECCNs would control software and technology related to the newly added ECCNs.
- Create new ECCN 5A001.j, which would control IP network communications surveillance systems (and certain related items) that intercept and analyze messages to produce “personal, human and social information from the communications traffic.” Associated test equipment, software and technology for such items would become controlled under 5B001, 5D001, and 5E001, respectively. This proposed category is intended to control systems that perform the indicated functions in connection with security and would exclude items used for marketing, quality of service, or quality of experience purposes.
- Subject cybersecurity items to control for Regional Stability (RS) reasons, but establish a favorable licensing policy for several types of recipients, including foreign subsidiaries not located in Country Groups D:1 and E:1, certain foreign commercial partners, and certain favored government end-users.
- Define “intrusion software” as software specially designed or modified to avoid detection by ‘monitoring tools’ (such as antivirus/intrusion detection products and firewalls) or to defeat ‘protective countermeasures’ (such as sandboxing or execution prevention) of a computer or network-capable device that also extracts or modifies data, or modifies the standard execution path of a program or process to allow execution of externally provided instructions. This new definition expressly excludes hypervisors, debuggers, reverse engineering tools, digital rights management software, or certain software designed for asset tracking and recovery.
- Clarify that “cybersecurity items,” including those defined in the new ECCNs, are not controlled under encryption ECCNs (and hence are ineligible for exception ENC) even if they use encryption. However, if they do use encryption, they must also satisfy the registration, review and reporting requirements applicable to encryption items. Furthermore, license applications for such items will also be subjected to a “focused” EI control review.
- Remove certain license exceptions from eligibility for use for these ECCNs and items (e.g., STA, TSU).
- Require certain information to be submitted with license applications for cybersecurity items. This would take the form of a letter of explanation addressing, among other subjects, a detailed technical description of the cybersecurity functionality of the item.
BIS seeks comment specifically on the additional compliance burdens the proposed rule would create, as well as to what extent it would affect companies’ legitimate cybersecurity efforts. The proposed rule appears to at least have the potential to significantly impact both areas. Others have noted that the Wassenaar definition of “intrusion software,” on which the new EAR definition is based, is so broad that it includes “the primary known means through which research and engineering progress has been made” in security software.1 In addition, BIS states that it has attempted to offset the impact of additional controls with a favorable licensing policy for certain items. However, the continuing application of certain encryption control requirements and the requirement to provide a detailed letter of explanation in support of licensing requests for cybersecurity items could present significant compliance burdens. In light of these potentially important changes, industry attention and engagement with BIS is critical at this juncture.
1 Why Wassenaar Arrangement’s Definitions of “Intrusion Software” and “Controlled Items” Put Security Research and Defense At Risk, Sergey Bratus, Michael Locasto, Anna Shubina, July 23, 2014
Join us on June 11, 2015 at the National Transportation Safety Board (NTSB) Conference Center for a Symposium titled, “So You Want to Be in the Unmanned Aircraft Systems (UAS) Business: One Year Later.” The Symposium, which will build upon last year’s event, will feature experts from the Federal Aviation Administration (FAA), the NTSB, the UAS industry, and the legal profession discussing the ins, outs, and updates to the rapidly changing UAS environment. Speakers will touch upon a variety of UAS-related topics, including but not limited to: FAA’s proposed regulations and projects covering UAS; privacy issues; ways to limit liability; and how to obtain authorization for UAS operations. We hope to see you there.
Since the Bureau of Industry and Security (“BIS”) – as well as the Office of Foreign Assets Control (“OFAC”) – began imposing restrictions on Russia in response to the situation in Crimea, U.S. exporters have wrestled with what those restrictions mean for their businesses and how to comply with them. In March 2014, BIS announced that it was placing an indefinite hold on the processing of license applications to Russia. Following this, BIS imposed additional restrictions on exports to certain industry sectors in Russia, as well as additional end use and end user restrictions. For instance, BIS imposed restrictions on the export of certain items destined for Russian deep water, Arctic offshore, or shale energy exploration or production in August 2014. In September 2014, BIS imposed restrictions on exporting specified items if they will be used by a military end user or for a military end use. Then in December 2014, BIS added certain microprocessors to the military end user and end use restrictions.
The restrictions on exports to Russia do not only affect U.S. businesses that have dealings with Russia. They also increase the risk that other parties to an export transaction may seek to illegally divert goods to Russia.
BIS recently published guidance on its website to help exporters conduct due diligence to prevent such unauthorized diversions or transshipments to Russia. Exporters with sophisticated compliance programs will likely notice that the guidance itself is familiar: it largely references existing BIS guidance on red flags and knowing one’s customer (see also EAR Part 732, Supp. 3). For instance, BIS reiterates its admonition concerning the “red flag” that an exported item will not be used for its intended purpose or by its intended recipient. It advises researching all parties to a transaction with a watchful eye for indications of planned diversion. This includes researching freight forwarders and distributors to understand which countries and industries they service. The new guidance also points readers to the consolidated export screening list as well as the list-based and end-user and end-use based controls that may apply to Russia.
The familiar substance of this “new” guidance does not so much suggest that BIS believed additional guidance was necessary. Rather, it suggests that BIS believes exporters could be doing more to prevent unlawful diversion of items – explicitly including those items controlled for national security (NS) reasons – to Russia. While it provides information that should aid exporters in compliance, it also suggests an increased likelihood of enforcement action against companies who neglect to conduct appropriate due diligence and whose exports wind up in Russia. Finally, it serves as a reminder that even (and, perhaps, particularly) exporters who believe they do not conduct business in Russia should carefully examine their end user and end use due diligence processes to ensure that their shipments arrive at the intended destination.
Recently Effective FAR Modification Creates Confusion Regarding Uncompensated Overtime for Service Contractors
In light of a recent modification to the Federal Acquisition Regulation (“FAR”) regarding the identification of uncompensated overtime in service contracts, now, more than ever, contractors must make sure that: (1) they have in place clear policies and processes regarding time recording and estimating, and accumulating and reporting labor hours, labor rates, and indirect costs; and (2) they are complying with said policies and processes.
Effective March 2, 2015, the FAR was amended to add the definitions of “adjusted hourly rate” and “uncompensated overtime” to FAR 37.101 and also to clarify that “[w]henever there is uncompensated overtime, the adjusted hourly rate . . . shall be applied to all proposed hours, whether regular or overtime hours.” FAR 37.115-2(d), FAR 52.237-10. This means that when a proposal for a service contract is based upon uncompensated overtime hours, the proposal’s proposed hourly rates must be consistent with the total time proposed, including the uncompensated overtime hours.
The comments to the FAR’s Modification state that the amended rule clarifies existing FAR policy which is that there is no requirement to record uncompensated overtime and base labor and indirect costs on both compensated and uncompensated labor hours. In other words, the Modification does not expressly require that proposals be prepared based upon uncompensated overtime hours or that labor rates be based on uncompensated labor hours in all circumstances.
Despite that the Modification is merely a “clarification,” the amended rule is somewhat unclear and thus creates risks for contractors.
The National Archives and Records Administration (“NARA”) published a proposed rule on Friday that would establish a government-wide policy related to controlled unclassified information (“CUI”). See 80 Fed. Reg. 26501 [found here]. The proposed rule would establish policies for agencies on designating, safeguarding, disseminating, marking, decontrolling, and disposing of CUI. Most importantly for contractors is that these extensive additional requirements could soon start infiltrating government contracts for which CUI is provided or created.
While the proposed rule is largely focused on agency requirements, the CUI requirements will impact contractors in a number of different ways:
- Agencies would be required to include NARA’s CUI requirements from the proposed rule in “all contracts that require a contractor to handle CUI for the agency.”
- Agencies would be encouraged to enter into formal information-sharing agreements with contractors that would require contractors to comply with NARA’s CUI requirements. Alternatively, agencies would be required to communicate to contractors that the government “strongly encourages” contractors to protect CUI consistent with NARA’s CUI requirements.
- NARA and NIST are planning to finalize and adopt NIST SP 800-171, published in April 2015, which contains more than 100 security controls for protecting CUI in nonfederal information systems and organizations.
- NARA is planning to promulgate a FAR clause to apply the requirements of NARA’s proposed rule and the final version of NIST 800-171 to contractors.
As we report in more detail in the upcoming Legislative and Regulatory Update, appearing in the April issue of NCMA Contract Management Magazine, Congress has recently taken two noteworthy legislative actions that could greatly affect contractor responsibility determinations.
On April 15, the House unanimously passed the Contracting and Tax Accountability Act of 2015 (H.R. 1562). If enacted, this bill would require contractors to certify that they have no “seriously delinquent tax debts” when submitting a bid or proposal for any contract or grant in excess of the simplified acquisition threshold. For the purposes of the bill, a “seriously delinquent tax debt” includes any federal tax liability assessed by the Secretary of the Treasury under the Internal Revenue Code that can be collected by levy or court proceeding, with some exceptions. Should a contractor admit that it does have a seriously delinquent tax debt within this definition, the bill would require contracting officers to find that the contractor is not presently responsible and, absent a waiver for urgent and compelling circumstances, would require agencies to initiate a suspension or debarment proceeding. With such serious consequences—as well as the potential for False Claims Act liability should a party incorrectly certify its tax liability status—contractors should keep an eye out for this bill as it works its way through the Senate. Should the bill be enacted, contractors must facilitate open communication between their departments to ensure parties making these certifications are fully apprised of the company’s tax liability status.
Also introduced in April is the Small Business Fairness Act (S. 958), which would broaden the scope of information a contracting officer examines when making a past performance or financial responsibility determination for small businesses proposing a team of subcontractors or a joint venture. The bill would require contracting officers to consider the capabilities and past performance of each first-tier subcontractor of the proposed team; or, if a joint venture is proposed and the joint venture does not have sufficient capabilities or past performance to be considered, the contracting officer would then consider the capabilities and past performance of each member as the capabilities and past performance of the whole. In addition, the bill would require contracting officers to certify annually that each small business member of a team or joint venture has retained the same status—small business, qualified HUBZone small business, small business owned and controlled by service-disabled veterans, and so on—under which it was awarded the contract. To the extent this bill could act to limit small businesses from continuing to perform contracts after a change in status, it would have a significant effect on contractors.
To be certain, these bills could have significant effects on contractors of all types if enacted. We will continue to monitor their progress as they move through Congress.