DCAA Back in the News, But Is Not Alone
Our old friends at the Defense Contract Audit Agency are back
in the news again. In Hollywood they say there’s no such thing as “bad”
publicity, but we doubt Mr. Fitzgerald and his Executive Committee
would agree with that saying.
Before we relate DCAA’s latest woes, let us first look at its sister
Executive Branch oversight agency,
the Minerals Management Service (MMS). We
have posted before about the seemingly
disproportionate focus on contractor wrongdoing, and the seeming lack of
similar focus on government employee wrongdoing. Recently we have
learned that employees of the agency—which
regulates offshore drilling such as that of BP in the Gulf of
Mexico—accepted “lunches, football tickets, hunting trips and other
gifts” from the same companies it was supposed to be overseeing. That
type of independence violation makes all the hoopla about DCAA’s “lack
of independence under GAGAS” seem kind of de minimus, doesn’t it? But that’s not all.
A
so-far unreleased audit report
issued by the Department of Interior’s
Inspector General found evidence of a “cozy relationship” between the
Federal regulators and those they regulated,
according to statements made by Secretary of the Interior Ken Salazar. But that not anything new. In
mid-May, the Project on Government Oversight (POGO) reported that “In 2006 then-Interior Department Inspector General Earl
Devaney gave Congress
numerous explicit signs in testimony before the House's Energy and
Resources Subcommittee, when he described the culture at the Department
of the Interior as one that ‘sustains managerial irresponsibility and a
lack of accountability.’” Sound familiar? DCAA
received similar criticisms based on DOD IG and
GAO reports.
Moreover, as the article (link above) reminded readers: “In 2008, federal
inspectors rapped workers in MMS' Lakewood, Colo., office for having
sexual relationships with and accepting gifts from energy company
representatives. Federal investigators also
documented millions of uncollected oil and gas royalties because of
accounting problems at MMS.” On May 28, 2010, MMS Director Elizabeth Birnbaum resigned. Sound familiar? DCAA
Director April Stephenson “accepted reassignment” after more than a year
of constant criticism leveled at her agency.
But despite what you may hear about
DCAA, at least we don’t have IG—or mainstream media—reports braying about defense
auditors accepting gifts and going hunting with
the defense contractors that they audit. So they’ve got that going for
them….
On the other hand, DCAA doesn’t seem
to have completely silenced its critics, or persuaded Congress that it
has turned the corner with respect to audit quality. For example,
Senator Charles Grassley (R-Iowa) has expressed concerns that the
Centers for Medicare and Medicaid Services (CMS)—the oversight agency
charged with combating healthcare fraud—is overly reliant on DCAA for
performance of audits. This article at
GovExec.com reported that Senator Grassley was drafting a letter to CMS
acting Administrator Charlene Frizzera in which he stated his “deep concerns” with CMS’ reliance on
DCAA, and asserted that DCAA was a “substandard auditor.”
According to the article, Grassley will request that CMS “provide a
written justification to his office for its continued contracting with
DCAA and details of any independent verification of the agency's work.”
The article also notes that DCAA has received roughly $3 million in
inter-agency reimbursement payments from CMS over the past 3 Government
Fiscal Years.
But that’s not all. A May 28, 2010 blog post at POGO
reported on a memo jointly prepared and signed by DCAA Director Patrick
Fitzgerald and DCMA Director Charlie Williams. The memo, which can be
found at the POGO blog post (link above), largely reiterates testimony by Shay Assad (Defense Procurement & Acquisition Policy)
before the Commission on Wartime Contracting. It also reiterates
language from the DCMA/DCAA dispute resolution process that Mr. Assad published earlier this year. It seems pretty benign to us. But POGO
isn’t so sure. The blog author writes—
I think there are two ways to look at this memo. On the one
hand, this could be an effort from the new DCAA Director to try to
ensure that DCAA findings aren't ignored by the
Defense Contract Management Agency
(DCMA), as many at DCAA have claimed was the case in the past, and that
this is a step in the right direction to make sure that both agencies
work together to hold contractors accountable.
But on the other hand—and I think this is
probably the case—this memo demonstrates another instance where DCAA's
independent audit findings may be undermined. The memo states that
auditors and contracting officers should work
together to ‘resolve’ audit issues and emphasized that even when differences occur,
DCMA and DCAA should strive to work the issues within the respective
organizations. This memo gives the impression that audit findings are
something to be ‘resolved’ between the two organizations rather
than audit findings to be acted upon by the contracting officer. And to
the degree that this is the case, or that this memo confuses the
independent role of DCAA, the Director of DCAA should consider
withdrawing the memo.
The author demonstrates ignorance
of the relationship between DCAA and DCMA in the DOD oversight process.
Most readers understand that DCAA’s role is advisory only, and it is the DCMA contracting officers and administrative
contracting officers who have the authority to act officially on behalf
of the Defense Department. That relationship is
not a gap in contractor oversight or internal controls—it’s the way the
FAR requires it to be.
Moreover, when contrasted with the
previous audit guidance in place at DCAA—which goes just short of
expressly requiring auditors to report DCMA contracting officers to the
DOD Inspector General if the CO’s don’t accept audit findings as
submitted—it is clear that DCAA and DCMA are trying to patch-up their
strained relationship. It seems to us that POGO is trying to stir up a
tempest in teapot.
Regardless of the foregoing, DCAA
has yet to be let out of the doghouse. Neither GAO nor the DOD IG has
issued any reports that would suggest things have improved at the
Defense Contract Audit Agency. Until such reports are issued, Mr.
Fitzgerald should be considered to be on probation. But things could be
worse for him—he could be assigned to the Minerals Management Agency!
Bell Textron Pays for Mischarging Interorganizational Transfers
Properly
accounting for cost transfers between affiliated entities under common
control—commonly known as “interorganizational transfers” or “intracompany
transfers”—is a difficult task. For revenue recognition purposes, profit on such transfers
needs to be eliminated during consolidation. For government contract
cost accounting purposes, profit needs to be eliminated as well.
As one textbook on the subject states—
If it is determined that common control exists,
transfers of goods and services must be made at cost. This rule was
established to avoid the pyramiding of profits that would be possible if
profits were allowed on intracompany transfers. … Interorganizational transfers between such firms at other than cost, however, can
be made under special circumstances. (Pricing and Cost Accounting: A
Handbook for Government Contractors, by
Darrell Oyer)
Looking at the FAR, the Cost Principle
on Material Costs (31.205-26) has this to say—
(e) Allowance for all materials, supplies and
services that are sold or transferred between any divisions,
subdivisions, subsidiaries, or affiliates of the contractor under a
common control shall be on the basis of cost incurred in accordance with
this subpart. However, allowance may be at price when—
(1) It is the established practice of the transferring
organization to price interorganizational transfers at other than cost for commercial work of the
contractor or any division, subsidiary or affiliate of the contractor
under a common control; and
(2)
The item being transferred qualifies for an exception under 15.403-1(b) and the contracting officer has not determined the price to
be unreasonable.
(f) When a commercial item
under paragraph (e) of this
subsection is transferred at a price based on a catalog or market price,
the contractor—
(1) Should adjust
the price to reflect the quantities being acquired; and
(2) May adjust the price to reflect the actual cost of any
modifications necessary because of contract requirements.
So now that we all understand the rules, we have a contextual
foundation to understand a May 27, 2010 announcement by the Department of Justice. The DOJ reported that Bell
Helicopter Textron agreed to pay the United States a total of
$16,570,018 “to resolve civil claims arising from the company’s cost
charging practices.” According
to the DOJ press release, the company’s “billing of the costs of
certain subcontracts, work transfers, and other transactions with its
subsidiaries, divisions, and affiliated companies had resulted in
overcharges to the government.”
Importantly,
the company voluntarily reported its accounting problems. DOJ reported
that Bell Helicopter Textron first reported its overbillings in 2004.
DOJ stated—
The company submitted a report
in 2006 describing its conduct and the financial impact on the
government and paid the government $12,851,248. While the government
was investigating and analyzing the conduct the company disclosed, Bell
submitted additional reports detailing similar intra-company
transactions with Bell Helicopter Textron Canada Limited that resulted
in overcharges.
Because the company had voluntarily
reported its misconduct and cooperated with the DOJ in the
investigation, its settlement was limited to damages actually incurred
by the government. Had the circumstances been different, up to treble
damages might have been sought.
So the
lesson is clear. Do things right if you can. But if you can’t—be
forthright with the government.
|
Do You Really Need an Effective Compliance Program?
Recently we
posted an article about a defense
contractor who “self-disclosed” cost accounting problems that led to
overbilling the Department of Defense. We noted that “Because the company had voluntarily reported its misconduct
and cooperated with the DOJ in the investigation, its settlement was
limited to damages actually incurred by the government. Had the circumstances been different,
up to treble damages might have been sought.”
During 2007 and 2008, the FAR was revised to enhance
requirements related to contractor ethics and business conduct
policies. Among the various changes was the addition of a new subpart
at § 3.10 (Contractor Code of Ethics and Business Conduct) and
significant revisions to the contract clause 52.203-13 (“Contractor Code
of Ethics and Business Conduct”). Our recent article in the May 2010
edition of West’s Government Contract Costs, Accounting & Pricing
Report (entitled “Government Audits of
Contractor Ethics and Business Conduct Compliance Programs”) discussed those changes and issues related to DCAA audits of
the contractor policies. Importantly, the FAR revisions eliminated the
former “voluntary disclosure program” and implemented a new “mandatory
disclosure program” (which DOD simply calls “contractor disclosure”). Contractors who fail to timely
disclose wrongdoing face suspension or debarment from federal
contracting.
To be clear: disclosure of certain
acts of wrongdoing related to a contractor’s government contract(s) is no longer a matter within
management’s discretion; it is now a contractual
requirement. Although Bell Helicopter
Textron apparently benefited from the voluntary disclosure program, it
is doubtful that another contractor in a similar situation would reap
similar benefits today.
Moreover, it is questionable
whether voluntary disclosure was always the wisest course of action. It
is poorly remembered today, but Arthur Andersen originally
self-disclosed its document shredding to the Department of Justice
during the Enron litigation. That gesture of goodwill was insufficient
to overcome the audit firm’s prior acts of wrongdoing, and the firm was
eventually convicted of a crime related to obstruction of justice, and
ceased to exist as a viable entity. That the conviction was eventually
overturned by the U.S. Supreme Court was a hollow victory to the roughly
26,000 U.S. employees who lost their jobs as a result of the
original conviction. One is left to wonder what Andersen
gained—if anything—from its self-disclosure to the DOJ.
From that question, one might inquire whether having a robust
compliance program is truly a value-added proposition. Sure, a contractor must comply with
the letter of the FAR requirements, but is there any value to going
beyond the minimum necessary program requirements, and creating
a truly robust compliance program that is designed to detect employee
wrongdoing—one that deters wrongdoing by its very existence? Do the U.S. Sentencing Guidelines provide contractors with a
tangible reward for having effective compliance programs? (Readers may
recall that we discussed recent changes to the USSG in this article.)
That question was on the minds of
attendees at the 2010 Compliance Week Conference in Washington, D.C., as
they discussed the role and value of compliance programs. Acting
Deputy Attorney General Gary Grindler spoke to the attendees on May 25, 2010. Among other topics, ADAG Grindler said—
Now, how can you best advise
your clients in light of the Department’s enforcement priorities and
given the climate we are in where there is so much distrust of corporate
America.
First, you can make sure that
your clients have robust, effective compliance programs and internal
controls. A company’s compliance program continues to be one of the most
important factors that we consider under the Principles of Federal
Prosecution of Business Organizations. … Compliance programs must not exist only on paper.
In this context, I want to point out that the
United States Sentencing Commission recently amended the Sentencing
Guidelines on the issue of compliance programs. Specifically, the
Commission clarified the importance of assessing and modifying
compliance programs after you discover criminal conduct at your company.
The current Guidelines provide that, following the discovery of
criminal conduct, a company should, among other things, make ‘any necessary modifications to the
organization’s compliance and ethics program.’
In addition, the latest Guideline amendments
clarify the circumstances under which an effective compliance and ethics
program can entitle an organization to a 3-level reduction in its
culpability score. Specifically, the amendment allows an organization to
receive the decrease if the organization meets four criteria: (1) the
individual or individuals with operational responsibility
for the compliance and ethics program have direct reporting obligations
to the organization’s governing authority or appropriate subgroup
thereof; (2) the compliance and ethics program detected the offense
before discovery outside the organization or before such discovery was
reasonably likely; (3) the organization promptly reported the offense to
the appropriate governmental authorities; and (4) no individual with
operational responsibility for the compliance and ethics program
participated in, condoned, or was willfully ignorant of the offense.
These amendments reinforce the point that having a robust compliance
program is critical not only to preventing misconduct in the first
place, but also how your organization will be treated in the event
criminal conduct does take place.
According
to the article (link above), “some in the compliance industry have
expressed doubts about the importance of a pre-existing compliance
program, asserting that prosecutors will simply wrangle as many
concessions out of a company facing a criminal action as they can,
regardless of the state of its compliance efforts… Some of the
uncertainty seems to stem from the lack of concrete examples in which
compliance systems netted a better outcome for a defendant. …”
ADAG Grindler spoke directly to the skeptics when he said—
‘I want to emphasize… that having an effective
compliance program will be taken under consideration when you have to
talk to the government about a criminal violation. I’ve reviewed … a
number of negotiated resolutions where effective and solid compliance
programs did make a difference. Now I have heard that we don’t talk
about the impact of compliance programs on our decision to absolve a
matter, and at least when I was in the Fraud Section, I emphasized the
importance of doing that. What we can’t do is get into all the details
about it because … each case is different.’
Our
position at Apogee Consulting, Inc. is that robust, effective compliance programs make good
business sense. The cost of a compliance failure—in terms of fines and
penalties, litigation expense, opportunity cost of internal resources,
loss of market capitalization, and even brand devaluation—clearly
indicates a business case where the potential damages far outweigh the
cost of a compliance detection and prevention program. Regardless of whether you believe that the Department of
Justice really will take a company’s compliance program
into account when considering culpability, having that compliance program in place is simply good
business.
GSA Schedule Foul-Up Leads to $87.5 Million False Claims Act Settlement
Oops!
We’re quite sure that
Massachusetts-based EMC Corporation uttered
that word (or worse) when the Department of Justice intervened in a
whistleblower “qui tam” suit alleging, among other things, violations of
the False Claims Act. Here’s the DOJ announcement, reporting that EMC agreed to pay $87.5 million to settle
various allegations stemming from its GSA Schedule.
EMC Corporation, a Fortune 500 company
traded on the NYSE, is a multi-billion dollar
global provider of IT services. The company describes itself thusly:
EMC’s
Information Infrastructure business provides a foundation for customers
to manage and secure their vast and ever-increasing quantities of
information, automate their data center operations, reduce power and
cooling costs, and leverage critical information for business agility
and competitive advantage. EMC’s Information Infrastructure business
comprises three segments – Information Storage, Content Management and
Archiving and RSA Information Security.
EMC’s VMware Virtual Infrastructure
business, which is represented by EMC’s majority equity stake in VMware, Inc.
(“VMware”), is the leading provider of virtual infrastructure software
solutions from the desktop to the data center and to the cloud. VMware’s
virtual infrastructure software solutions run on industry-standard
desktop computers and servers and support a wide range of operating
system and application environments, as well as networking and storage
infrastructures.
We found an EMC brochure discussing its Federal government services.
Members of this website have access to our knowledge
resources. Among those resources one might find a couple of discussion
papers covering risk areas associated with GSA Schedules. Commonly
thought to be “low risk” contracts with the Federal government, the
reality is that GSA Schedule contracts are fraught with risk for unwary
contractors. Contractors whose only government contract is their GSA
Schedule contract, or
contractors who consider themselves to be “commercial companies” are at
the most risk—because such companies typically fail to invest in control
systems that would help to reduce the risk of a contract compliance
failure.
One of our discussion papers has
this to say:
- Risk Area: Pre-award disclosure of commercial sales practices
and discounts
- Contractor provides data on
commercial sales practices and discounting policies.
- Commercial Sales Practices (CSP) Format needs to be current,
accurate and complete at submission. If there is
any doubt about category of customers, discounts or concessions, err on
the side of disclosure.
- Risk Area:
Identification of Price Reduction Clause “Basis of Award” customers and
pricing relationship
- Contractor negotiates “Basis of
Award” (BOA) category of customers and BOA/GSA pricing relationship.
- Designate a category of customers that is realistic and
manageable, not too broad such as all commercial customers or all
national accounts. Make sure the category of customers price is accurate.
- Ensure that underlying terms and conditions of the most favored
customer pricing are clearly disclosed and understood.
- Be clear on pricing relationship between MAS contract price and
BOA category of customers price (i.e., proportional vs. absolute
relationship).
The DOJ had this to say about its
allegations regarding EMC’s Schedule contract:
… by misrepresenting its commercial pricing
practices, EMC fraudulently induced the General Services Administration
(GSA) to enter into a contract with prices that were higher than they
would have been had the information technology company not made false
misrepresentations. Specifically, the United States alleged that the … company represented during contract
negotiations that, for each government order under the contract, EMC
would conduct a price comparison to ensure that the government received
the lowest price provided to any of the company’s commercial customers
making a comparable purchase. According to the government’s complaint,
EMC knew that it was not capable of conducting such a comparison, and so
EMC’s representations during the negotiations – as well as its
subsequent representations to GSA that it was conducting the comparisons
– were false or fraudulent.
Oops—EMC should have read our discussion
paper! But that’s not all the DOJ has to say about this particular contractor—
The United States also alleged that EMC engaged in
an illegal kickback scheme designed to influence the government to
purchase the company’s products. EMC maintained agreements whereby it
paid consulting companies fees each time the companies recommended that a
government agency purchase an EMC product. These kickback allegations
are part of a larger investigation of government technology vendors that
has resulted in settlements to date with three other companies, with
several other investigations and actions still pending. The kickback
investigation was initiated by a lawsuit filed under the qui tam, or whistleblower, provisions of the False Claims Act, which
allow private citizens to sue for fraud on behalf of the United States
and share in any recovery.
EMC’s latest
quarterly 10Q report (May 7, 2010) had this to say in a footnote:
United
States ex rel. Rille and Roberts v. EMC Corporation.
Effective as of May 4, 2010, EMC entered into a settlement agreement
(the “Agreement”) with the United States of America, acting through the
Civil Division of the United States Department of Justice (the “DoJ”). The Agreement relates to a previously disclosed “qui tam”
action that followed an investigation conducted by the DoJ regarding (i) EMC’s fee arrangements with systems
integrators and other partners in federal government transactions, and
(ii) EMC’s compliance with the terms and
conditions of certain agreements pursuant to which we sold products and
services to the federal government, primarily a schedule agreement we
entered into with the General Services Administration in November 1999.
Pursuant to the Agreement, EMC will pay the United States $87.5 million.
In consideration of this payment, the United States has agreed to
release EMC with respect to the matters investigated and the claims
alleged by the DoJ in the civil action. As set forth in the
Agreement, EMC expressly denies any liability or wrongdoing in
connection with such matters and claims, and the settlement represents a compromise to avoid the
costs, distraction, and uncertainty of continued litigation. As
previously disclosed, EMC recorded an $87.5 million accrual for this
contingency as of December 31, 2009.
Well there you go. Readers might
recall our recent article on kick-backs.
We told you they are a “no-no”—especially in the government contracting
environment.
Saying “we told you so” somehow
seems to lack the air of professionalism for which we generally try to
achieve. But we will say this:
Sorry, EMC Corporation, but you should have checked this site before you decided to get into the GSA Schedule
contracting business.
|
