“May you live in interesting times.”—Ancient Chinese curse (apocryphal)

In one of its final actions, on December 22, 2010, the “lame duck” Congress passed H.R. 6523, the Ike Skelton National Defense Authorization Act for Fiscal Year 2011. As we write this, it is awaiting Presidential signature. (It will become Law in any case, if the President doesn’t sign it within 10 days of passage.) The 2011 NDAA has a history that should trouble contract administration and compliance practitioners (and their legal counsel) because of the speed of passage and lack of deliberation. As Bob Antonio of WIFCON.com noted—

The bill was in Congress for about a week.  There was no conference, no conference report, and no explanation of where sections of the bill came from. … The ISNDAA was slapped together by members of Congress without any explanation.  The clear congressional intent of the ISNDAA was for a lame duck Congress to pass something quickly so it could head home for the holidays.

Before we move on, we want to note that we are indebted to Bob for putting together a section-by-section analysis of the NDAA on his most excellent website, Where in Federal Contracting?. But even his prodigious talents were strained on this effort. He wrote—

H. R. 6523, The Ike Skelton National Defense Authorization Act for Fiscal Year 2011 (ISNDAA), was introduced in the House of Representatives on December 15, 2010.  Two days later on December 17, 2010, it passed the House.  Five days later, on December 22, 2010, it passed the Senate with an amendment―striking one title of the bill.  On that same day, the House agreed to the Senate amendment.  … There is [also] Senate bill S. 3454, a defense authorization bill that never passed the Senate.  Then there is House bill H. R. 5136, a defense authorization bill that actually passed the House.  Both of these bills include some similar sections that appear in H. R. 6523 and each has a report explaining their sections.  However, neither of these bills is the basis for the Improve Acquisition Act which is a major part of the ISNDAA. That ‘honor’ goes to H. R. 5013, the Implementing Management for Performance and Related Reforms to Obtain Value in Every Acquisition Act of 2010.  H. R. 5013 did pass the House with an earlier report explaining its sections.  During consideration of H. R. 5136, it was adopted as an amendment and pasted to the end of H. R. 5136. 

In other words, when trying to figure out exactly what the language of the final public law is (or will be), one has to look at three different bills in the House of Representatives and one Senate bill. So our analysis needs to be caveated with words of warning: subject to change.

That said: let’s move on to some really interesting provisions of the 2011 NDAA.

In one of our first blog articles, we noted a report to the Secretary of Defense from the Defense Science Board that told SecDef Gates his Pentagon bureaucracy was too bloated to meet the needs of the warfighter. We reported a few of the DSB’s findings—

-- The DOD is ‘not geared to acquire and field capabilities in a rapidly shifting threat environment.’

-- ‘Current long standing [DOD] business practices and regulations are poorly suited" to the dynamics of a rapidly shifting threat environment.’

-- ‘Today, the DOD is saddled with processes and oversight built up over decades, and managers leading them who are often rewarded for risk aversion.’

-- ‘All of DOD's acquisition needs cannot be met by the same acquisition processes.’

Somebody was listening to the DSB. Section 804 of the 2011 NDAA requires the Secretary of Defense to “complete a review of the process for the fielding of capabilities in response to urgent operational needs and submit a report on the review to the congressional defense committees.”

As long-time readers know, we are passionate about improving supply chain management practices and, in particular, securing the supply chain against counterfeit or sabotaged parts and software code. We recently reported that the upcoming NDAA was likely to contain provisions regarding supply chain risk; the bill would permit sources to be excluded from competitions based on a finding of undue risk in the supply chain, and that those exclusions would be exempted from review by the GAO or any Federal court.

If you had been listening, you would have been prepared for Section 806 of the 2011 NDAA, which carries the exact language we warned you about. Here are some important features of the law—

SUPPLY CHAIN RISK- The term ‘supply chain risk’ means the risk that an adversary may sabotage, maliciously introduce unwanted function, or otherwise subvert the design, integrity, manufacturing, production, distribution, installation, operation, or maintenance of a covered system so as to surveil, deny, disrupt, or otherwise degrade the function, use, or operation of such system.

For “covered systems”, the head of a “covered agency” may make a finding that an individual prime contractor—or an individual subcontractor—has undue supply chain risk, and exclude that entity from receiving a contract award, or withhold consent to issue a subcontract. Question for your consideration: how will you demonstrate the integrity of your supply chain?

To address program execution risk, Congress mandated, in Section 812, that the Secretary of Defense must issue “comprehensive guidance on the management of manufacturing risk in major defense acquisition programs.” As part of that guidance, the SecDef must “require the use of manufacturing readiness levels as a basis for measuring, assessing, reporting, and communicating manufacturing readiness and risk on major defense acquisition programs ….”

Okay, we’ve saved the “best” for last. We warned you about this earlier in the year. DCAA’s failure to move more quickly in implementing audit quality reforms caused Congress to get involved. Section 893 of the 2011 NDAA is titled, “Contractor Business Systems”—which usually sets-off alarm bells. This time is no different. Let’s quote—

 

(a) Improvement Program- Not later than 270 days after the date of the enactment of this Act, the Secretary of Defense shall develop and initiate a program for the improvement of contractor business systems to ensure that such systems provide timely, reliable information for the management of Department of Defense programs by the contractor and by the Department.

(b) Approval or Disapproval of Business Systems- The program developed pursuant to subsection (a) shall--

(1) include system requirements for each type of contractor business system covered by the program;

(2) establish a process for reviewing contractor business systems and identifying significant deficiencies in such systems;

(3) identify officials of the Department of Defense who are responsible for the approval or disapproval of contractor business systems;

(4) provide for the approval of any contractor business system that does not have a significant deficiency; and

(5) provide for--

(A) the disapproval of any contractor business system that has a significant deficiency; and

(B) reduced reliance on, and enhanced scrutiny of, data provided by a contractor business system that has been disapproved.

(c) Remedial Actions- The program developed pursuant to subsection (a) shall provide the following:

(1) In the event a contractor business system is disapproved pursuant to subsection (b)(5), appropriate officials of the Department of Defense will be available to work with the contractor to develop a corrective action plan defining specific actions to be taken to address the significant deficiencies identified in the system and a schedule for the implementation of such actions.

(2) An appropriate official of the Department of Defense may withhold up to 10 percent of progress payments, performance-based payments, and interim payments under covered contracts from a covered contractor, as needed to protect the interests of the Department and ensure compliance, if one or more of the contractor business systems of the contractor has been disapproved pursuant to subsection (b)(5) and has not subsequently received approval.

(3) The amount of funds to be withheld under paragraph (2) shall be reduced if a contractor adopts an effective corrective action plan pursuant to paragraph (1) and is effectively implementing such plan.

(d) Guidance and Training- The program developed pursuant to subsection (a) shall provide guidance and training to appropriate government officials on the data that is produced by contractor business systems and the manner in which such data should be used to effectively manage Department of Defense programs.

(e) Rule of Construction- Nothing in this section shall be construed to prohibit an official of the Department of Defense from reviewing, approving, or disapproving a contractor business system pursuant to any applicable law or regulation in force as of the date of the enactment of this Act during the period between the date of the enactment of this Act and the date on which the Secretary implements the requirements of this section with respect to such system.

(f) Definitions- In this section:

(1) The term `contractor business system' means an accounting system, estimating system, purchasing system, earned value management system, material management and accounting system, or property management system of a contractor.

(2) The term `covered contractor' means a contractor that is subject to the cost accounting standards under section 26 of the Office of Federal Procurement Policy Act (41 U.S.C. 422).

(3) The term `covered contract' means a cost-reimbursement contract, incentive-type contract, time-and-materials contract, or labor-hour contract that could be affected if the data produced by a contractor business system has a significant deficiency.

(4) The term `significant deficiency', in the case of a contractor business system, means a shortcoming in the system that materially affects the ability of officials of the Department of Defense and the contractor to rely upon information produced by the system that is needed for management purposes.

When this is coupled with the DFARS regulatory changes on contractor business systems (currently pending as this is written), we are seeing multiple compliance regimes with multiple corresponding audit objectives. Contractors with the DFARS language in their contracts will be subject to one set of compliance standards. (The proposed DFARS language would apply to all contracts containing the clause language and would mandate payment decrements to be applied to firm fixed-price contracts where contracting financing payments, including Performance-Based Payments, are utilized.) Contractors with both DFARS and CAS-covered contracts will be subject to another set (since the statutory language above permits discretionary payment decrements only to CAS-covered contracts and not to firm fixed-price contracts). Finally, contractors without DFARS language will be subject to the existing FAR set of requirements, which is far less specific and does not mandate any payment decrements (though individual contract clauses, such as those invoked when contract financing payments are utilized, already permit discretionary reductions to such payments).

In other words, contractors are going to have to track multiple compliance requirements and corresponding remedial actions, DCAA is going to have to create multiple audit programs, and DCMA contracting officers are going to have to track when payment withholds are mandatory and when they are discretionary. Hey, good luck with all that!

In still other words, we expect 2011 to be an “interesting” year, in the sense of that ancient Chinese curse we quoted at the beginning of this article.

 

 

 

 

 

 

 

 

< Prev		Next >