Contact Us






* Required Fields. Please note that by submitting your contact information, you are choosing to receive future promotional material from Guidepost Solutions.

Contact Us

Guidepost Solutions Insights

Compliance Best Practices
Thoughts for Government Contractors

Anyone who has been involved in U.S. government contracting knows that applicable rules and regulations have increased consistently over the years.  Congress has used federal contracts to implement a wide range of policies, regulations, and laws, from labor laws to environmental concerns to subcontracting requirements to cybersecurity matters.  This accumulation of federal regulations, along with state and local laws and regulations, creates a nest of complicated and often interdependent compliance-related obligations that the federal contractor must perform in connection with federal contracts. To complicate matters further, these obligations can vary both in terms of the timing of their application and the internal team members who may be impacted by or otherwise responsible for managing and proving compliance.

Certification of Compliance Can Be a Weighty Undertaking

When a company submits a bid for federal work, it certifies that it will comply with all federal, state, and local laws and regulations.  For example, a company must certify within  its proposal that it complies with all federal regulations regarding transactions and activity with prohibited entities, disclosure of lobbying efforts, independent price determination, business size and classification, responsibility matters, ownership and control of the company, and various other employment-related certifications. Prior to award of a negotiated contract, a company must certify that its cost and pricing data is current, accurate, and complete as of the date of negotiation, including the data of subcontractors.  That said, for a large proposal, it takes a tremendous amount of effort to make such certification. In order to certify to these requirements, the company must have reliable systems with monitoring in place to confidently make those assertions in the proposal.

Failure to Comply Can Be Costly

When a company wins a contract, the performance of required compliance begins.  By way of example, federal contractors are required to have a “combatting trafficking in persons” compliance plan for contracts that meet certain criteria (e.g., has an estimated value of more than $500,000).  It is key to that the contractor sets out on a path to effective compliance and monitoring from the beginning of performance (contract kick-off).  If efficient processes and safeguards are enacted before performance begins, inadvertent missteps or issues can be avoided. Also of paramount importance is ensuring client relationship executives understand agency specific needs and are ready and able to assure the government that the company is well-positioned to comply with the requirements. This will alleviate concerns on the part of the agency.

As the government increases oversight of contractors, ongoing compliance becomes even more important.  Failure to comply with all the applicable laws, regulations, and requirements in the contract itself can have a significant impact on performance and a company’s bottom line.  To illustrate this point, the government has increased auditing of hiring practices by reviewing the required Form I-9 paperwork collected by the company. Companies can face corrective action, monitoring, and heavy fines if found non-compliant, so it is in the best interests of the company to develop, implement, and monitor compliance plans for such requirements.

Thoughts on Ensuring Compliance

So, how does a company ensure effective compliance?  First, awareness is key – identify all the compliance requirements.  Next, determine what is required in order to comply, and what is needed to demonstrate (or prove) compliance. It is important to assign the right people to be responsible for compliance. For contractors with multiple contracts and long-term performance periods, this is critical as is incorporating well-defined internal processes and thoughtful technological solutions.  Developing a corporate culture of shared responsibility for compliance also helps guide daily operations.

With respect to internal controls, it is especially important for companies to think about monitoring the efficacy of those controls.  It is helpful to think along the lines of the following case study. Let’s assume that Company X incorporates Section 4.703 of the FAR’s record retention timeframe of “3 years after final payment” into the Company’s records retention policy and schedule.  How—and when—will Company X know that the appropriate documents are being retained for the appropriate time period?  The answer to that question may be severalfold: (1) when the government requests certain records and Company X is unable to locate those records because they were destroyed; (2) when Company X’s internal audit function performs an internal audit around certain contracts; or (3) when Company X’s compliance function performs a monitoring activity designed to test whether its retention schedule is being followed in practice.  The advantage with discovering a control weakness during (3) rather than during (1) or (2) is that Company X will likely have an earlier opportunity to institute and document internal responsive steps, such as targeted training, enhancements to internal systems, clarifications within applicable policies, and perhaps the creation of additional procedures.

The company has done all that, and “feels” compliant, but is that enough?  Perhaps it has identified a potential failure in FAR compliance as one of the top risks and wants to perform a formal risk assessment. Perhaps the company has begun thinking about monitoring activities but wants to benchmark against other companies. Outside professionals can help ensure compliance plans are up to par at the outset of a new contract and monitor compliance throughout the contract lifecycle so that the company can move ahead with confidence.


ABOUT THE AUTHORS:

J. WILLIAM (BILL) WEINBERG
MANAGING DIRECTOR, FEDERAL PRACTICE

Bill Weinberg spent more than 30 years in highly complex acquisition roles within the U.S. Departments of Defense, Homeland Security and Commerce solving program issues and budget challenges through innovative acquisition solutions. He provides expert advice in navigating the complex world of government procurement. Prior to joining Guidepost Solutions, he was the Director of the Office of Acquisition Management at the Department of Homeland Security U.S. Immigration and Customs Enforcement where he led an authorized workforce of 184 employees, contracting officers and program analysts, and managed the execution of more than 8,000 transactions exceeding $2.7 billion annually. Mr. Weinberg spent part of his career serving in the U.S. Patent and Trademark Office as Director of Procurement. He also served in the Department of the Navy, at the Naval Sea Systems Command where he was responsible for acquisition program efforts for major weapons systems and associated services. Bill can be reached at bweinberg@guidepostsolutions.com.

 

Paige Mason
Managing Director

Paige Mason is a managing director in the Washington, D.C. office at Guidepost Solutions. She works on multiple financial institution matters involving anti-money laundering, Know-Your-Customer regimes, sanctions/embargoes, correspondent banking, and regulatory requirements for fintech companies. Ms. Mason’s experience further includes working closely with large government contractors in evaluating their internal investigative functions, designing compliance monitoring programs across ethics and compliance programs, and drafting compliance policies and procedures on topics ranging from third party due diligence and records retention to policy governance and compliance issue escalation criteria. Paige can be reached at pmason@guidepostsolutions.com.