GAO Discusses DoD Program Management
It’s all about “knowledge-based acquisition practices,” according to a recent GAO report. The report covered the 86 Major Defense Acquisition Programs (MDAPs) managed by DoD.i GAO reported that the aggregate value of those 86 programs is $1.66 trillion (with a “T”)—so delivering each of those 86 programs on-time and on-budget is very much an important priority for the DoD as well as the taxpayers who are footing the bill.
The report is more than 200 pages long. Each MDAP is grouped by cognizant military service and then discussed individually. There are eight Appendices. Fundamentally, the report provides a year-over-year comparison of the 2016 MDAP portfolio and the 2017 MDAP portfolio.
To sum it all up in one sentence: “DOD estimates that its 2017 portfolio will cost more and take longer to deliver as compared to the 2016 portfolio.” But GAO didn’t just stop there: it evaluated the portfolio’s “buying power” (a term defined as “the amount of goods or services that can be purchased given a specified level of funding”). GAO concluded that “Since last year’s assessment, programs in DOD’s 2017 portfolio realized a combined $2.3 billion gain in buying power—meaning DOD is able to buy more goods or services for the same level of funding. Nonetheless, this gain was significantly less than the $10.7 billion increase in buying power achieved by the 2016 portfolio.” So DoD is doing better, but not better than it did last year.
Another conclusion from the GAO report is that newer programs are doing better than older programs. GAO reported “DOD has initiated 25 programs since 2010, when the government implemented significant acquisition reforms. These 25 programs represent 29 percent of the 86 programs in the current portfolio, but only account for about 15 percent of the portfolio’s total acquisition cost.” Further, GAO identified a possible reason for the better performance of newer programs—
The lower total acquisition cost in the post-2010 sub-portfolio may be due, in part, to the acquisition strategies that these programs have adopted. For instance, acquisition strategies that employ lower-risk, less complex approaches to system development—such as new increments of existing capabilities or affordability -based capability trades—can produce better cost outcomes.
In other words, GAO concluded that the less innovation involved, the better the acquisition outcome, in terms of cost and schedule.
But that’s not all. GAO also noted that programs that “promoted competition by awarding contracts competitively” fared better than those that did not. By “awarding contracts competitively” GAO meant that the prime contract for development, test, or production was awarded through competition rather than via a single or sole-source award. GAO reported “… the information from these programs shows a possible correlation between a reduction in estimated total acquisition cost growth and a program’s use of acquisition strategies that promote competition.”
Getting back to the knowledge-based acquisition strategies, GAO reported that—
… we observed MDAPs that implemented one or more of three specific knowledge-based acquisition practices had lower cost and schedule growth than those that did not. … These three practices were (1) demonstration that all critical technologies were very close to final form, fit, and function, within a relevant environment, before starting development; (2) completion of a preliminary design review prior to starting development; and (3) release of at least 90 percent of design drawings by critical design review.
Now we don’t disagree with GAO that the three practices above will lead to better program outcomes, in terms of cost and schedule. But where we depart is in the foundational assumption that better program cost and schedule outcomes are more important than innovation. Strictly adhering to the GAO’s practices will tend to lead to better cost/schedule performance, but by the time the warfighter receives the final product, it may be too late.
Moreover, GAO has more than three knowledge-based acquisition practices it deems to be appropriate for use on MDAPs. It has five practices related to entering system development.ii It has eight practices related to critical design reviews. It has five practices related to entering production. In aggregate, GAO has 18 knowledge-based acquisition practices that it believes lead to better program outcomes, but which we believe are inimical to innovative and agile weapon system development.
For example, GAO reported “The MQ-4C Triton program recently discontinued use of its hydrocarbon sensor—the only critical technology planned for its baseline configuration—after determining that the technology was obsolete and not critical to the aircraft’s mission or safe operation.” The program matured the technology, but by the time the technology was mature, it was already obsolete. Similarly, GAO said of the Next-Generation Jammer—
The NGJ Mid-Band program has seven critical technologies that are all approaching maturity and a stable design. This design stability could be disrupted, however, as technologies continue to mature up to and potentially beyond the system’s start of production in September 2019. … The NGJ program completed its critical design review in April 2017 and, as of August 2017, the contractor had released 100 percent of design drawings. This current design stability is premised on assumptions about the final form, fit, and function of critical technologies—and how these technologies will perform in a realistic environment—that may not come to fruition as NGJ critical technologies continue to mature.
Even when everything is copacetic (program-wise), entropy enters in the form of parts obsolescence. For example, with respect to the Evolved Expendable Launch Vehicle, GAO reported—
The Air Force may face challenges in supporting additional launches of its heaviest satellites because of parts obsolescence issues and the challenges for commercial-based systems to meet the National Security Space reliability and performance requirements for these missions. … However, while ULA has enough launch vehicle components to support these missions, if additional missions are required and other, new launch vehicles are not available as planned or projected, some new Delta IV Heavy components will have to be designed and manufactured to replace those that are no longer available from suppliers. The use of such components could involve substantial testing, certification, and additional cost.
In other words, by the time critical technologies are matured sufficiently to enter production, the specter of diminishing manufacturing sources and material shortages from obsolescence gives rise to the need to design, test, and mature additional technologies.
In summary, we believe that while knowledge-based acquisition practices offer opportunities to better manage programs, an undue focus on those practices is inappropriate in an acquisition environment that demands agility and innovation.
i� Interestingly, there does not seem to be a consistently used acronym for “Department of Defense.” GAO uses “DOD” while many within the Pentagon use “DoD.” We’re going with DoD unless we quote from a source that uses the other acronym.
ii� (1) Demonstrate all critical technologies are very close to final form, fit, and function within a relevant environment (TRL 6). (2) Demonstrate all critical technologies in form, fit, and function within a realistic environment (TRL 7). (3) Complete system functional review and system requirements review before system development start. (4) Complete preliminary design review before system development start. (5) Constrain system development phase to 6 years or less.
SAM Fraud
If you are not a government contractor and you want to become one, well, it’s not an easy thing to do. We’re not even talking about understanding the myriad rules and regulations that apply to government contractors, in which the violation of any one can crater your company. We (Apogee Consulting, Inc.) created a checklist to help companies new to government contracting understand those rules and regulations, which we use to evaluate contracting readiness. But that’s not the first barrier to market entry you need to overcome.
No; understanding the rules of the game is not the first impediment you face. Before you can even play the game, you’ve got to register to play.
Before you even think about bidding on your first government contract, you need to register in several government databases. For example, you need a DUNS number from Dun & Bradstreet. You to register in the SAM (System for Award Management) database, which includes providing detailed information and executing some representations and certifications. At the end of the SAM registration process, you will get a CAGE number. You will probably want to register in the Small Business Administration’s Dynamic Small Business Search (DSBS) database. In addition, many Federal agencies with whom you will want to do business have their own supplier databases, and you will want to register with those. In some cases, you may have to renew or update your registration annually.
There are many databases and each one wants detailed information and you have to provide that information if you want to play the Federal contracting game. Typically, the security of your information is provided by a User ID and a password, which you specify. As with all such security features, if you don’t choose a strong password, you aren’t doing yourself any favors. Further, if you don’t protect that password, it doesn’t matter how strong it is.
(We are reminded of one client who paid us to register his company into several government databases, which we did. But he never changed the passwords we initially used, despite our urging to do so. Some clients are challenging.)
Today’s article is about fraud in the SAM system. In late March, 2018, the General Services Administration (GSA), the agency that manages SAM, notified contractors that “a third-party changed the financial information of ‘a limited number” of contractors’” in the SAM database. Apparently that third party entered SAM and changed the bank account information that the contractors had provided. Nobody knows exactly how this exploit was accomplished, but security experts stated the most likely approach was to obtain SAM passwords via a “phishing” attack. In any case, it was possible that if the government made payments to those contractors, the payments would end up in the wrong bank account. This is exactly what happened in 2016, when Dwayne Hans diverted $1.5 million in PBGC payments to his own bank account. (Hans pleaded guilty and is currently awaiting sentencing as this article is being written.) SAM is no stranger to fraud. As Jason Miller’s story on Federal News Radio (link above) pointed out, “This is at least the third time SAM.gov has struggled to keep its information secure.”
Mr. Miller continues to update the story on the Federal News Radio website. In the latest update, he reported that “Up to 70,000 federal contractors are heading to their local notary to get that special stamp on a letter that’s destined for the General Services Administration to authenticate the vital details of their business, including who is the authorized ‘entity administrator associated with the DUNS number.’” According to the story, “GSA is requiring notarized letters for several thousand contractors immediately, and then any vendor whose existing registrations on SAM.gov need to be updated after April 27.”
At least 33,000 SAM registrants need to provide notarized confirmation that they intended to change their bank account information. The likelihood is that many of those registrants were intended victims of fraud. The problem is that many of those registrants are having challenges submitting the required notarized paperwork back to GSA. As Mr. Miller reported, “Of the 7,500 notarized letters received, GSA processed more than 3,300 and rejected almost 56 percent of them (1,910) for one reason or another.” That’s not a good statistic, is it?
SAM fraud. It should give every government contractor a chill. SAM registration is mandatory. If the sensitive information you enter isn’t secure, then the consequences for your company could be catastrophic.
On the other hand, cybersecurity is an important element of every online interaction. We reported here about recent attempts to hack our website. We have not reported about DFARS changes intended to make contractors secure “covered defense information.” (See DFARS 252.204-7012.) Why haven’t we addressed the cybersecurity compliance rules? Perhaps because law firms seem to have this one covered. For example: check this summary out. Or see one of the many articles authored by Bob Metzger of the firm Rogers Joseph O’Donnell.
Even though we haven’t made a big deal about it, cybersecurity is an extremely important topic, not only for government contractors, but for the government itself. As the recent SAM fraud demonstrates.
|
Conflicts of Interest
In competitions for government contracts, contracting officers are concerned about organizational conflicts of interest. An organizational conflict of interest is a situation where one bidder has a real or potential advantage because it has access to governmental information through its existing contract with the awarding entity. For example, a contractor performing technical support services for the agency may have access to other bidders’ proprietary information, and might use that information to gain an unfair advantage in the next competition. Another type of organizational conflict of interest might occur when a contractor is providing evaluation services to the awarding agency—for example, it is evaluating technical approaches in bidders’ proposals—and it is one of the bidders. In either case, companies are required to disclose real or potential OCIs to the contracting officer, as well as their mitigation plans. The contracting officer will determine whether the OCI has been effectively mitigated, or not. If not, then the contractor will be excluded from future competitions.
This is all discussed at FAR 9.5, for those interested. But that’s not what we want to talk about today. Instead, we want to talk about personal conflicts of interest.
A personal conflict of interest is a real or perceived incompatibility between one's private interests and one's public or fiduciary duties. In the corporate world, a conflict of interest exists when an individual’s personal interests interfere with the interests of the individual’s employer.
Generally, companies that have codes of ethics/business conduct include in those codes a requirement that possible conflicts of interest must be promptly disclosed Some companies have lengthy policy statements that go into great depth on the topic, attempting to guide employees towards disclosure. For example, Pacific Gas & Electric’s policy states (in part)—
A conflict of interest occurs when your private interests interfere in any way, or even appear to interfere, with the interests of PG&E as a whole. A conflict of interest can arise if you take actions or have interests that may make it difficult for you to perform your company work objectively and effectively. When you represent PG&E, you must avoid any real or apparent conflict between your interests and those of PG&E.
The COI policy goes on to cover such topics as favored treatment, accepting or giving gifts, holding an outside elected/appointed office, and outside employment. That latter topic is especially important to Apogee Consulting, Inc., since we have to carefully juggle client engagements with the duties of our full-time job. People frequently ask how we can perform consulting services without creating a conflict of interest with our full-time employer. The answer to that question is “carefully.” To illuminate the issues involved, we’ll quote (again) from the PG&E COI policy.
You must take special care when engaging in outside employment activities. You’re not permitted to have outside activities that compete with products or services offered by PG&E. (If you’re represented by a bargaining unit, this restriction applies only to products or services offered by your line of business.) The types of activities to avoid include the planning, design, manufacture, sale, installation, or maintenance of any commodity, equipment, or service that our lines of business currently provide or have known plans to provide.
Also, even if these requirements are met, you should take the following precautions to avoid a conflict of interest:
-
Don’t participate in an outside employment activity that could have an adverse effect on your ability to perform your duties for PG&E.
-
Don’t use company time or assets for your own business or other job.
-
Don’t solicit work from PG&E for your business or other employer based on inside knowledge of the company or contacts, and don’t solicit PG&E employees, vendors, or customers while at work. Local management has discretion to allow passive solicitation, such as a poster on a bulletin board or a catalogue on a lunchroom table.
-
If, during non-business hours, you solicit vendors or customers with whom you interact for PG&E, you must ensure that your solicitation does not create an appearance of impropriety or in any way imply that the vendor’s or customer’s dealings with PG&E will be affected by the response to your solicitation.
We adhere to those rules (or ones like them) because we do not want to create a conflict of interest with our full-time employer. To those rules we add—as our guiding principles—a prohibition on providing consulting services to any existing supplier, or to any supplier who has submitted a proposal to become a supplier, or to any direct competitor. Living by those principles means that, from time to time, we are required to turn down work. So be it.
Not everybody is as focused on avoiding personal conflicts of interests as we are. For example, in late 2017 we told readers about an indictment returned against a “procurement officer” at Sandia National Labs. This individual was going to award a contract for moving services. As part of the source evaluation and source selection processes, she (a) created her own company, (b) submitted a bid, (c) evaluated that bid and found it to be the best value, (d) awarded herself a contact, and (e) invoiced and paid herself.
That’s a pretty clear conflict of interest, in our view.
In related news, on April 25, 2018, the Department of Justice announced that the former SNL “procurement officer” was sentenced “to three years in prison for orchestrating a scheme to obtain approximately $2.3 million in federal funds through fraudulent means and for laundering the fraudulently obtained proceeds through her father’s companies.“ The sentence was apparently the result of a plea agreement.
In other related news, the Amtrak Office of Inspector General recently reported that a former Lead Contract Administrator for Amtrak “pleaded guilty to one count of federal program bribery.” According to the OIG report, the Contract Administrator (Miller) “steered four fleet maintenance contracts worth more than $7.6 million to a single vendor in exchange for approximately $20,000 in bribes, trips, and other items of value. Miller received the payments through a sham consulting company he created in coordination with two executives from the vendor to conceal his relationship with them.”
In other words, Miller created a “sham consulting company” that purportedly provided services to the same supplier to which he was selecting for contract awards. Again, that situation seems to be a clear conflict of interest.
Given all the above, how does a company check to see if its buyers, other procurement folks, and employees outside of purchasing are steering clear of any personal conflicts of interest? We believe it starts with identifying functions and individuals who have an opportunity to create a COI. Obviously, people who make subcontract and supplier awards very much have that opportunity. But are there other functions that also have a COI opportunity?
-
What about the engineer or other technical staff member who can list potential or recommended sources on a Purchase Requisition?
-
What about members of the technical team who can decide whether a part or service can only be provided by one source (i.e., creators of source-controlled drawings)?
-
What about functions or individuals that decide whether or not a supplier can be listed on an Approved Supplier List?
-
What about Quality Inspectors—especially supplier inspectors who are embedded deep in the supply chain, often at remote supplier sites?
The point is, it’s not just procurement folks you need to be thinking about. But if you don’t think about where potential COIs may be found in your organization, you are unlikely to ever detect one.
USAF Reorganizes for Speed, Innovation, Collaboration
Speed. Agility. Innovation.
Nearly everybody associated with defense acquisition says those are the goals. Well, along with on-time and on-budget delivery. Along with the requisite quality and performance. Never mind that some of those goals are mutually incompatible. (For example, in an agile, innovative environment, your budget was obsolete after Day 1 of program performance.) That’s what defense leaders say they want.
Despite saying that those are the goals, recent history has shown that the actions of the Pentagon’s “fourth estate” don’t match the words. It’s almost as if the Office of the Secretary of Defense (OSD) is in charge of defending the status quo, rather than “moving tail to tooth” in order to focus more of the massive DoD budget on direct warfighter support. Disappointing.
Nonetheless, it seems that the military services are taking responsibility for fostering weapon system development speed, agility, and innovation. For example, Air Force Secretary Heather Wilson recently announced a reorganization of the USAF Space and Missile Systems Center, an organization than oversees a portfolio of space-related acquisition programs valued at more than $6 billion. According to a report by Space News (link in previous sentence)—
Wilson … announced the Air Force will establish a new office that will report directly to Assistant Secretary for Acquisition Will Roper and whose mission will be to ‘speed things up.’ This office will work with program managers to identify bottlenecks. ‘Their job will not be to buy things but to change the Pentagon rules and processes through which we buy things so that speed is a priority and an expectation,’ said Wilson. ‘It’s time to stop circumventing the bureaucracy and start rewiring it.’ Many fingers are pointed when acquisition programs take too long to deliver products, but the ‘biggest barrier is in the Pentagon,’ Wilson said.
Secretary Wilson announced the reorganization of the SMSC and creation of two new offices within the new organization. One office will focus on innovation. The other will work “to increase partnerships with foreign allies and commercial space companies.” Another source reported that the new Innovation Office will “focus on emerging and pioneering technologies, which will free up program managers to concentrate their efforts on their own program.” The new Collaboration Office will focus on developing partnerships with “foreign allies and commercial space companies.”
It seems the Air Force gets it.
In particular, the Air Force seems to get the importance of collaboration. Not all DoD stakeholders seem to share that same viewpoint. For example: here. Candidly, it’s refreshing to see that somebody understands that innovation and true collaboration do not originate from “arms-length” or even adversarial business dealings; but instead, those attributes emerge when partnerships between government and industry are forged.
One need only look at recent legislation (e.g., the past thee or four NDAAs) to see that Congress is pressing DoD to fix its broken acquisition system. Now comes at least one piece of evidence that the military services are focusing on that issue as well. The only stakeholder in the process that really doesn’t seem to get it is the OSD, champion of the “fourth estate”—the entrenched bureaucracy that defends the status quo.
In 2006, the Defense Acquisition Performance Assessment reported that “’staff oversight organizations, lengthy lines of communication and adversarial relations’ resulted in excessive and ineffective exercise of authority without accountability and ‘inhibit proper execution of our programs. . . . The current decision-making process is flawed.’” (Fox, Defense Acquisition Reform 1960 – 2000, page 210.) In the intervening decade, it doesn’t seem that much has changed. One might speculate that the lack of acquisition reform success is tied to the Pentagon bureaucracy.
We don’t want to go on a rant here, but we think it’s past time to clean house at the OSD, to remove the detritus from past administrations, who carry the baggage of past policy failures. We don’t believe that the DoD acquisition system’s shortfalls will be successfully addressed until the path is cleared for it to happen.
In the mid-1990’s, when acquisition reform seemed to be taken seriously by almost all stakeholders, Colleen Preston was named Deputy Undersecretary of Defense (Acquisition Reform). As her title indicated, her focus was on reforming the defense acquisition system. She did so relentlessly for about four years, and then she moved on. Sometime in the late 1990’s her position was eliminated and replaced with the current Director of Defense Procurement and Acquisition Policy (DPAP). Notice, readers, that the focus shifted along with the change of title. We’re not saying that DPAP doesn’t embrace acquisition reform. But what we are saying is that one title seemed action-oriented while the other title seems a bit (shall we say?) passive.
Where do we go from here?
Congress seems to have some plans. The military services (or at least the Air Force) seem to have some plans. We wonder what the OUSD (A&S)’s plans are?
|
