Tag Archives: Government Regulations

Contract Line Item Structure – The Heart of Your Federal Government Business Deal


CLIN Final

“SMALL TO FEDS” By Ken Larson

“Contract Line Items (CLINs) specify products or services being procured and the negotiated prices for them. 

Carefully review (CLIN) relationships to other critical elements of your contract for consistency before proposing, accepting and signing your deal.

Housed in Section B of your contract, contract line items are critical for reporting and billing purposes in your accounting system. Invoices to the government for supplies or services delivered must reference the associated CLIN. 

For service contracts that are cost-based such as Time and Materials (T&M) or Cost Plus and for progress billings under fixed price contracts, your job cost accounting system must be able to track labor, material and other direct costs at the CLIN level or below to provide auditable details for payment approval. 

Government requisition and appropriation data against the CLIN are carried throughout the government finance and accounting system that makes payment on your invoices. CLIN’s form the backbone upon which all the other contract sections are built. If the CLIN structure is defective, it is likely many other areas of the contract will also be deficient.

During the “Sources-Sought”, “Pre-solicitation” or “Draft RFP” stages of a procurement the government often invites industry to comment on the evolving solicitation. The CLIN structure should be evaluated in relation to such items as the Work Breakdown Structure (WBS), the Statement of Work (SOW) and the contract schedule from the perspective of visualizing the work underway, tracking and reporting the status and finances of deliverables, inspection and acceptance and accurately billing the deliveries on invoices.

If the agency is establishing a poorly integrated CLIN structure you should comment appropriately to the contracting officer, suggesting corrections and additions to establish a framework against which your enterprise can estimate effectively, operate efficiently, report accurately and bill without experiencing delays. Most agency contracting shops appreciate such contributions.


As you read the narrative in this section, carefully establish that it adequately covers all the CLIN’s in Section B. During the proposal process it is wise to matrix each paragraph of the SOW to its associated CLIN so you are sure your CLIN level prices have adequately covered the scope described in the SOW and that the SOW addresses each of the CLIN’s identified in Section B. If there appear to be omissions point them out. Note where the SOW conflicts with or does not adequately describe the applicable CLIN’s in Section B. Also note where there may be missing CLIN’s. Then offer either a revision to the CLIN structure, a revision to the SOW, or both.


Insure that the instructions in this section cover each of the CLIN’s in Section B and that your company can comply with any specifications referenced.


Review the criteria for accepting the products and services to be delivered by CLIN as well as the location where deliveries will take place. Insure your company can comply with the criteria for acceptance. A payment will not be made without government acceptance of your delivery.


This section will replicate Section B and specify the due dates for deliveries by CLIN. Insure you can comply with the dates indicated.


The accounting and appropriation data in this section must be replicated where necessary in your bill to the government by CLIN. Please see the article at this blog entitled, “Government Contract Billing”:



Check for any special requirements, such as Earned Value Management Systems, the requirement for a Work Breakdown Structure against which to report cost and schedule data and other clauses such as Design to Cost/Life Cycle Cost, Reliability, Safety and Failure Analysis reporting requirements and similar specifications. If you find such requirements, carefully review the reporting structure therein for consistency with the CLIN structure of the contract and point out any disparities to the Contracting Officer.


Carefully review this section in the same manner as Section H.


The Contract Data Requirements List (CDRL) will be in this section. Insure there is a separate CLIN for data items. Most contracts price data at zero cost and include the cost to prepare the data in other CLIN pricing. Determine which of the CLIN’s will be affected by the data items required in this section and insure the pricing for those CLIN’s includes that cost. Perform an identical review of any other documents contained in this section.


Insure that all information provided in this section is consistent with the data specified in each of the sections above.


By conducting a thorough review of the CLIN structure against all other sections of your prospective contract you will establish a consistent framework and an integrated approach to tracking and reporting the status and finances of deliverables, inspection and acceptance of same and billings that will be promptly paid.

The following is an example of a typical federal government contract CLIN structure:




Firm Fixed Price

The contractor shall perform research and development efforts in

accordance with Section C and the Contractor’s SBIR Phase I

proposal dated September 2002 in response to SBIR Topic N02-140



0001AA Monthly Status Report 1 LOT $11,000.00

The contractor shall perform research and development efforts and

provide the First Monthly Status Report in accordance with CDRL AO01.



0001AB Monthly Status Report 1 LOT $11,000.00

The contractor shall perform research and development efforts and

provide the Second Monthly Status Report in accordance with CDRL A00I



0001AC Monthly Status Report 1 LOT $11,000.00

The contractor shall perform research and development efforts and

provide the Third Monthly Status Report in accordance with CDRL A001.



0001AD Monthly Status Report 1 LOT $11,000.00

Phase 11 Program plan

The contractor shall perform research and development efforts and

provide the Fourth Monthly Status Report in accordance with CDRL A001

and the Phase 11 Program Plan in accordance with CDRL. A002.



0001AE Monthly Status Report/ 1 LOT $11,000.00

Preliminary Report

The contractor shall perform research and development efforts and

provide the Fifth Monthly Status Report in accordance with CDRL A001

and the Phase I Preliminary Report in accordance with CDRL A003.



0001AF Contract Summary 1 LOT $13,587.00


The contractor shall perform research and development efforts and

provide the Phase I Final Report in accordance with CDRL A004.

CLIN 0001 TOTAL $68,587.00





Firm Fixed Price

The contractor shall provide the data deliverables in support of

CLIN 0001 in accordance with attached CDRLs.

* – Not Separately Priced




Firm Fixed Price

The contractor shall perform research and development efforts in

accordance with Section C and the Contractor’s SBIR Phase I proposal

dated September 2002 in response to SBIR Topic N02-140.



0003AA Monthly Status Report 1 LOT $9,000.00

The contractor shall perform research and development efforts and

provide the First Monthly Status Report in accordance with CDRL A001.



0003AB Monthly Status Report 1 LOT $9,000.00

The contractor shall perform research and development efforts and

provide the Second Monthly Status Report in accordance with CDRL AOO1.



0003AC Contract Summary 1 LOT $11,490.00

The contractor shall perform research and development efforts and

provide the Phase 1 Final Report in accordance with CDRL A004.

CLIN 0003 TOTAL $29,490.00






Firm Fixed Price

The contractor shall provide the data deliverables in support of

CLIN 0003 in accordance with attached CDRLs.

* – Not Separately Priced

CLINS 0001 – 0004 TOTAL $98,077.00



Handling Ethics Related Disputes in Federal Government Contracting




“Proper business ethics is not only good business, but also required by the Federal Acquisition Regulation.

However, there are times when contractors and the government do not have the same view of what proper business ethics are.”

“Industry executives must know how to handle delicate situations where the government — acting either as customer or as regulator — represents that a contractor’s ethics program or level of ethical business operations are not as robust as they should be.

This discussion must begin with a foundational understanding of the Federal Acquisition Regulation requirements for business ethics and conduct.

According to FAR 52.203-13, contractors must: maintain a written code of business ethics and conduct that is available to all employees performing on government contracts; exercise due diligence to prevent and detect criminal conduct; promote a culture that encourages ethical conduct and a commitment to compliance with the law; comply with the Mandatory Disclosure Rule; and train employees and consider training agents and subcontractors on the code of ethics.

They must also: maintain internal controls and employ timely corrective measures following discovery of issues and problems; have a reasonably high-ranking individual in charge of the compliance program; conduct periodic reviews and evaluations of the ethics and compliance program and address shortfalls; maintain a hotline for reporting concerns; and discipline individuals who fail to “take reasonable steps to prevent or detect improper conduct.”

This rule has been in existence long enough that there is little question about what is required. But take a moment to ponder what is not required. Contractors do not have to spend a certain amount of money on ethics and compliance. They have the ability to scale their programs according to business size and risk. For example, smaller companies do not need to adopt the business ethics programs of multibillion-dollar prime contractors.

Perhaps most importantly, contractors are permitted to make mistakes. They do not have to be mistake-free to continue doing business with the government. After all, we are not infallible as a species.

A common source of friction between the government and contractors concerns the robustness of a company’s business ethics program. It is tempting for the government to represent that because there was a problem, the contractor’s business ethics program is not up to par. But that does not necessarily follow. The Federal Acquisition Regulation expressly calls for prompt corrective action following mistakes, making clear that mistakes are expected even for contractors with the most robust of programs.

The requirement is to address any weakness in controls that permitted mistakes, thereby reducing the likelihood of recurrence. Naturally, prompt and appropriate punishment for missteps will be expected when called for under the circumstances.

Another frequent source of friction is for the government to draw a negative inference from contractors’ profit motives. “They’re only in it for the money” is a common refrain in the government enforcement and integrity communities. The inference being that a desire to maximize profit will cause companies to cut corners or engage in unethical business practices to make a buck. But, for the overwhelming majority of contractors, this suspicion is misplaced. Profit motive drives industry to seek to keep customers happy so they can get the next contract.

These friction points periodically cause government staff to make representations about the lack of robustness of a contractor’s ethics, or the status of its ethics and compliance program. A common industry response to such a representation is to feel like the observations are undeserved but largely without effect, and therefore can be worked through or ignored. But contractors ignore those statements at their peril. The danger in these observations is that the Federal Acquisition Regulation contemplates suspension and debarment — exclusion from federal contracting — and contract-specific responsibility determination refusals to award contracts to companies that lack the requisite satisfactory record of business integrity and ethics. Examples include FAR 9.4 and FAR 9.104-1(d).

Accordingly, contractors are well advised to address these government representations head-on. Asking what, specifically, is the concern and continuing the line of questioning until the government’s concerns are exhausted can help clear the air. Many times, one or two issues that are easily addressed lie at the core of the government’s consternation. Making progress on those points can eliminate the government’s worries and strengthen the relationship with the customer or regulator.

Other times, the concerns relate to matters that are not contractually required; for example, not increasing the contract’s scope without compensation. Those interactions require more delicate handling, but it may be better to have difficult interactions than to permit mistrust to fester.

Further, contractors might consider keeping records of these conversations in their contract file. These contemporaneous records can assist in responding to past performance evaluations and inquiries from suspending and debarring officials that may result from lingering government concerns about contractor ethics.”


Important June Update Notices From GSA on Registering and Maintaining Government Contracting Registrations




“Notarized Letter changes and New Login Process Coming June 29th 2010”

“GSA. GOV SAM Update

GSA has taken action to address fraudulent activity in the System for Award Management (SAM). The measures GSA already put in place to help prevent improper activity in SAM include masking specific data elements in the entity registration even for authorized entity users; requiring “parent” approval of new registrations for their “child” entities; and requiring the formal appointment of the Entity Administrator by original, signed notarized letter.
Additional enhanced controls will be deployed at the end of June. These controls include implementing multi-factor authentication using Login.gov and notifying Entity Administrators when there is a change in the entity’s bank account information. As a result of these and other measures, GSA is modifying the current notarized letter review process in two phases.


How is the notarized letter review process changing on June 11, 2018?

  • Effective June 11, 2018, entities who create or update their registration in SAM.gov to apply only for federal assistance opportunities such as grants, loans, and other financial assistance programs no longer need to have an approved Entity Administrator notarized letter on file before their registration is activated.
    • Hint: This applies to you if your SAM.gov Purpose of Registration is Federal Assistance only. Check SAM.gov to find your Purpose of Registration.
  • Federal Assistance entities still must mail the original, signed copy of the notarized letter to the Federal Service Desk. Failure to do so within 30 days of activation may result in the registration no longer being active.

How is the notarized letter review process changing on June 29, 2018?

  • Effective June 29, 2018, all non-Federal entities who create or update their registration in SAM.gov will no longerneed to have an approved Entity Administrator notarized letter on file before their registration is activated.
    • Hint: This applies to you if your SAM.gov Purpose of Registration is either Federal Assistance or All Awards. Check SAM.gov to find your Purpose of Registration.
  • All non-Federal entities still must mail the original, signed copy of the notarized letter to the Federal Service Desk. Failure to do so within 30 days of activation may result in the registration no longer being active.

Where can I find the notarized letter templates?

Does the notarized letter requirement apply to U.S. Federal Government entities registering in SAM?

  • No.


What is the new login process for SAM.gov?

  • Effective June 29, 2018, when you go to SAM.gov and log in, you will be asked to create a Login.gov user account. Your current SAM.gov username and password will no longer work.

What is the most important thing I need to do before June 29th?

  • Make sure you know the email address associated with your current SAM.gov user account.

Why do I need my current SAM.gov user account email address?

  • Using the same email address allows SAM.gov to automatically migrate your roles. If a different email address is provided, your roles will need to be reassigned. This could cause delays updating your existing registrations.

How do I find the email address for my SAM.gov user account?

  • If you don’t know which email is associated with your SAM.gov user account, take action now. Go to www.SAM.gov → My SAM → My Account Settings → Edit User Information. As of June 29, 2018, your current username and password won’t work, so take steps now to confirm your email!

What do I need to create my Login.gov user account?

  • You will need to:
    1. know the email address associated with your SAM.gov username and password
    2. have access to that email to receive a confirmation email from Login.gov, and
    3. have a working phone (cell phone or landline) to receive a security code from Login.gov.

Why is SAM.gov making these user account changes on June 29, 2018?

  • To further increase security and deter fraud, SAM.gov is partnering with Login.gov to implement multi-factor authentication for registered SAM.gov users.

Will this change impact public users who do not log in to SAM.gov?

  • No. There is no change for users who search and view public data on SAM.gov without logging in to the system.

Will I be able to get help for this new login process?


GSA’s System for Award Management (SAM) continues to support an active investigation by the GSA Office of Inspector General (OIG) into alleged, third-party fraudulent activity in SAM. Only a limited number of entities registered in SAM were suspected of being impacted by this alleged fraudulent activity. In March 2018, GSA took steps to address this issue and notified affected entities. GSA continues to work with the OIG and law enforcement agencies to take additional action, as appropriate.

What has GSA been doing to address the problem?

GSA took a number of proactive steps to address this issue, including system modifications, to prevent improper activity going forward. In addition, GSA expired, then deactivated any entity registrations that appeared to have been affected. These entities were advised to validate their registration information in SAM, particularly their financial information and points of contact, before reactivating the entity registrations. Further, GSA has begun implementing additional reviews during the registration process to prevent future issues.

What interim changes were made to the SAM registration process?

These proactive steps include requiring submission of an original, signed notarized letter identifying the authorized Entity Administrator for the entity associated with the Data Universal Numbering System (DUNS) number. GSA posted instructions for domestic entities and instructions for international entities for easy reference. This requirement went into effect on March 22, 2018, for new entities registering in SAM and went into effect on April 27, 2018, for existing registrations being updated or renewed in SAM. Changes are coming to this process on June 11, 2018, for Federal Assistance only entities and on June 29, 2018, for all entities.

Who was impacted?

Entities with registrations that appeared to be impacted were notified. Instructions were provided explaining how to validate registration information and how to reactivate the registration. In addition, entities whose bank account information for Electronic Fund Transfer (EFT) changed within the 12 months prior to March 2018 were notified. Although not associated with suspicious activity, these entities are required to validate their registration information, particularly their EFT information.

What is an entity?

In SAM, you, your company, business, or organization is referred to as an “entity.” Individuals register themselves or their entity to do business with the U.S. Federal Government by completing the registration process in SAM.

What should entities registered in SAM do to protect themselves and confirm that their bank account information has not been changed?

Entities registered in SAM are advised to log into SAM and review their registration information, particularly their bank account information for Electronic Funds Transfer (EFT) on the financial information page. Contact the supporting Federal Service Desk at www.fsd.gov, or by telephone at 866-606-8220 (toll free) or 334-206-7828 (internationally) Monday through Friday from 8 a.m. to 8 p.m. (ET), for FREE assistance. Entities are responsible for ensuring that their information is current and correct in SAM in accordance with paragraph (b) of Federal Acquisition Regulation (FAR) clause 52.232-33 or Title 2 of the Code of Federal Regulations Part 25 (2 CFR § 25.310 and Appendix A), as applicable, and should routinely review such information for accuracy.

Who should entities contact if they find that payments due them from Federal agencies have been paid to a bank account that other than their own?

If an entity suspects a payment due them from a Federal agency was paid to a bank account other than their own, they should contact the Federal Service Desk at www.fsd.gov, or by telephone at 866-606-8220 (toll free) or 334-206-7828(internationally), Monday through Friday from 8 a.m. to 8 p.m. (ET), for FREE assistance.

Where can an international entity find information about the notarized letter process?

Entities not located in the U.S. or its outlying areas should read the international entity instructions posted at the Federal Service Desk that outline procedures and provide links to letter templates. If they have additional questions, international entities should contact the Federal Service Desk at www.fsd.gov, or by telephone at 866-606-8220 (toll free) or 334-206-7828 (internationally), Monday through Friday from 8 a.m. to 8 p.m. (ET), for FREE assistance.
GSA’s Office of the Inspector General (OIG) is actively investigating alleged, third party fraudulent activity in the System for Award Management (SAM).  At this time, only a limited number of entities registered in SAM are suspected of being impacted by this fraudulent activity. GSA is in the process of notifying these affected entities.
IMPORTANT NOTE:  In a proactive step to address this issue, GSA is now requiring an original, signed notarized letter identifying the authorized Entity Administrator for the entity (company) associated with the DUNS number before a new SAM.gov entity registration will be activated. GSA has very specific requirements for this notarized letter—click here for Federal Service Desk (FSD) guidelines.  A template has been developed by Procurement Technical Assistance Center (PTAC) experts that can serve as the starting point for this document.  It must be completed with the specified information, printed on company letterhead, notarized, and mailed to the Federal Service Desk at the address indicated. Download Template here.
Who is impacted? Entities who may have been impacted are those whose financial information has changed within the last year. GSA began notifying affected entities on March 22, 2018.
All entities registered in SAM are advised to log into SAM and review their registration information, particularly their financial (bank account) information. GSA reminds everyone that entities are responsible for ensuring that their information is current and correct in SAM.
Any entity finding that a payment due to them from a federal agency has been paid to a bank account other than their own should contact their Federal agency awarding official.
How is GSA addressing this situation?  In addition to the above, GSA has expired – then deactivated – any entity registrations that appeared to have been affected. These entities are being advised to validate their registration information in SAM, particularly their financial information and points of contact. Further, GSA has begun implementing additional reviews during the registration process to prevent more issues.



You have worked hard establishing your small business in the commercial market; or you have succeeded in your profession working for large enterprises. You have established yourself and you are recognized as a success by your superiors, your peers and your subordinates. Someone or something one day attracts your attention with the suggestion that the federal government may be in the market for your skills, products or services. This article will address the path to expanding your existing business or initially undertaking a business involving federal government contracts.


The best way to explore federal government contracting possibilities is to expand your business plan to include a sector for that type of business or develop your start up plan including a federal government business sector. Doing business with the Federal Government is not “Rocket Science” but it is different. It embodies a set of regulations entitled, “The Federal Acquisition Regulation” or FAR, which contain the rules by which the government and industry abide in contracting for supplies and services. The FAR had its genesis during World War II and has evolved since that time to control and regulate the ever-expanding amounts of goods and services which the federal government buys.

The following are the most important “Mechanical Steps” necessary in positioning your business to begin selling to the federal government. They are listed in the necessary sequence for becoming a supplier entity in the government system. A link to appropriate web sites is provided at each step.

A. Dunn &Bradstreet (D&B) Number Go to Small Business Tab At:


If you do not have one a D and B Number is necessary before you can complete a Registration (CCR) which is required for all companies who aspire to sell to the federal government. A D and B Number is also required for your Small Disadvantaged Business (SDB) application if you intend to pursue minority- owned business certification. If you are not already incorporated you may wish to incorporate before you set up your D and B number. Incorporation is fairly inexpensive these days and can be done via the WEB for either a non-profit or a for-profit business. Try search mechanisms, such as “Incorporate.com”, or “Incorporate Now”. It is best to do a check with the Better Business Bureau before using the results. Establishing your D and B is free.

B. For Central Contractor Registration:

C. For application in the SBA Small, Disadvantaged Business (SDB) Program:


If you qualify as a minority, follow the directions closely. Note there is a preview section which will acquaint you with the application and the types of information that will be necessary when you start the process.

D. For Historically Under-Utilized Business (HUB) Zone Information:

Note that Hub Zone qualification is based on where the business is located and where the personnel in the business reside as well.

E. For Searches on Federal Buys:


FEDBIZOPS is the gateway for all federal business. The search tool there is a very powerful engine with many filters that are useful. It is well worth the time to learn the filters. Every federal agency is required by regulation to advertise there and you will be amazed at the products and services the federal government buys.

F. For an example of a small business capability statement check the following web site:

A capability statement is always a good idea for marketing. The link above as an example. It was found on the web in the public domain Note that the site is a SDB. Later you will get into proposal preparation and the regulations governing the types of grants and contracts, as well as billing the government for your work and other factors.

G. Questions for you:

Are you planning to produce a deliverable, distinct, end product such as software, hardware, a commodity, a report, a conference, a survey or a study, sell it to meet the government’s statement of work and bill for the end product when delivered?


Are you planning to price your services at an hourly rate, sell them by labor categories with professional job descriptions to perform the government’s statement of work and bill by the hour for labor and at cost for material and travel?

Answers to the above questions are key factors in how you set up your business and price your work in proposals to federal agencies. The answer to the above questions is “Yes” in both cases for some businesses. Some small businesses sell their product commercially, but contract for product implementation and support on a service contract basis.
The next topic in this series of articles will deal with avenues for marketing a small small business in the federal government environment.”


Forthcoming Changes to Federal Government Contract Bid Protest Regulations


law & justice


“The National Defense Authorization Act for fiscal year 2018 includes some significant changes affecting contractors with regard to challenges to requests for proposals and contract awards, otherwise known as “bid protests.”

The introduction of a new pilot program under which large defense contractors will be required to pay the Defense Department’s costs where a protest is denied; and the enhancement of post-award debriefing rights.”


“While Congress passed the former with the intent of reducing frivolous protests, it is likely the latter — which will give contractors greater insight into the rationale behind procurement decisions — that will have a greater impact on the number of protests filed.

Section 827 of the act requires that the department establish and implement a three-year pilot program under which “large” defense contractors will be required to reimburse the department for “costs incurred in processing covered protests” for protests “denied in an opinion” by the Government Accountability Office.

A large contractor is defined as one with revenues in excess of $250 million, and the pilot program will apply to protests filed at the GAO between Oct. 1, 2019, and Sept. 30, 2022.

By limiting the scope of this loser-pays provision to those protests that are “denied in an opinion” by the GAO, this reimbursement provision will potentially only apply to a small number of protests. A recent study by the RAND Corp. examined defense protests at the GAO from fiscal years 2008 through 2016. This study found that less than 0.3 percent of such procurements are protested at the GAO, and that small business protests make up more than half of those.

While a protest sustain rate of 2.6 percent for fiscal years 2008 through 2016, or approximately 300 out of 11,459 protests, appears to suggest there is a great number of frivolous protests, deeper analysis of GAO’s statistics shows that is simply not the case. Approximately 21 percent of the bid protests filed were resolved by a decision on the merits. Of those 2,429 defense protests that reached the merits, nearly 300 were sustained. In other words, only 2,133, or approximately 20 percent of all the protests filed over eight years, were denied in an opinion.

With regard to the 79 percent of protests resolved without an opinion, a significant number — approximately 40 percent — were dismissed as a result of the government voluntarily correcting procurement errors noted in a bid protest. In addition, a number of protests were voluntarily withdrawn after protestor’s counsel had the opportunity to review the confidential record underlying the agency’s procurement decision.

In other words, this legislation will impact a relatively small number of protests. The 2,133 Defense Department bid protests denied in an opinion over an eight-year period equates to approximately 267 per year. Of those protests, the reimbursement provision will only affect protests filed by large contractors. If the percentage of protests filed by small businesses — over half — holds, even if adjusted to account for the lower effective rate of protests filed by small businesses reported by RAND, that number is likely under 200.

While this provision will impact a relatively small number of protests, the financial impact for those few may be significant. Congress did not define or elaborate on what costs are considered “incurred in processing covered protests” or how those costs will be quantified. Considering the amount of time legal and contract administration staff spend working on bid protests, these costs could easily exceed six figures.

But until the department issues guidance on how this provision will be implemented, it will be difficult for large defense contractors subject to this provision to evaluate the risks involved in filing a bid protest at GAO.

Finally, it is unclear how contractors will be determined to meet the large contractor threshold outlined in the new NDAA. The statutory definition: a contractor with revenues in excess of $250 million “during the previous year,” does not clarify whether this means the contractor’s fiscal year, government’s fiscal year or calendar year.

This also raises the question of whether contractors are expected to opt-in to be considered as a contractor to which this provision applies. Contractors will have to await department guidance as to whether they will be required to implement additional accounting measures to determine applicability or whether it will consider existing financial information, such as the revenues reported in the System for Award Management. Thankfully, the pilot program does not apply to protests filed before Oct. 1, 2019, so the department has time to issue regulations filling in these gaps.

Once the Defense Department has issued guidance on what costs will be included, large contractors may consider filing bid protests at the Court of Federal Claims instead of GAO, as this loser-pays provision does not apply to protests filed there. Once GAO implements its online filing system, a $350 filing fee will be required for bid protests. The court’s filing fee is currently $400; thus, the cost of filing is unlikely to influence a contractor’s decision where to file, particularly those large contractors affected by the provision. Although a bid protest filed at the court does not result in an automatic stay of performance of the protested contract pursuant to the Competition in Contracting Act, it does have the authority to issue an injunction, and the government often voluntarily stays performance pending the resolution of the protest.

One of Congress’ goals in implementing the loser-pays provision is to discourage the filing of frivolous GAO protests. However, most government contractors, particularly the large contractors affected by this provision, understand the protest process and engage experienced protest counsel. As a result, these government contractors are cognizant of the potential harm to their reputation by filing a frivolous protest and are reluctant to do so.

Further, GAO’s bid protest regulations provide for mechanisms to dismiss frivolous protests. Those that are deemed untimely or meritless are often resolved early in the protest process, prior to an agency incurring significant costs in processing these protests. It is likely that measures for the deterrence of frivolous protests will have a greater impact if implemented at this stage of the protest process, rather than this fee-shifting provision for protests denied in an opinion.

In addition, GAO already has authority to discipline contractors that file frivolous protests, recently holding that a contractor that “routinely and repeatedly” filed protests “that are not legally sound” had abused the GAO process, wasted tax-payer dollars and, as a result, would be suspended from filing protests at the GAO for two years. See Latvian Connection LLC – Reconsideration, B-415043.3, Nov. 29, 2017, where GAO also dismissed all pending protests filed by the contractor.

While Congress’ goal is admirable, the loser-pays provision is unlikely to have the desired effect. As noted above, this provision applies to the small percentage of bid protests that survive the GAO’s preliminary dismissal measures for frivolous protests or other resolution procedures. Even without the introduction of this loser-pays provision, approximately 21 percent of GAO bid protests of DoD procurements reach the merits.

When it is effective, protestors subject to the provision may well decide to voluntarily dismiss a higher percentage of protests after review of the record, further decreasing the percentage of GAO protests that are resolved by decision.

Finally, it should be noted that a bid protest that reaches the merits and is then denied by the GAO does not equate to a frivolous protest. Some issues are simply close calls. And for those cases, after the effective date of the pilot program contractors will have the ability to avoid the loser-pays provision by filing protests at the Court of Federal Claims.

Meanwhile, for the past five years, the Air Force has provided unsuccessful offerors an opportunity to request an “extended debriefing,” which permits the unsuccessful offeror’s outside counsel to review the agency’s redacted source selection documents and ask questions. This information is typically only provided to the protestor’s counsel under a protective order following the filing of a bid protest at the GAO. By allowing the protestor’s counsel to obtain as part of the debriefing more complete information about whether the Air Force made the correct procurement decision, the hope was to avoid protests filed in part to obtain the more complete record.

Wisely, in the new NDAA Congress chose to expand the Air Force’s innovative program. Section 818 enhances that existing pilot program for “extended debriefings” by requiring a revision of the Defense Federal Acquisition Regulation Supplement to apply certain debriefing requirements across the department.

First, contractors are entitled to a debriefing for all contracts and task orders valued at $10 million or higher. Second, the agency is required to disclose its redacted source selection determination for contracts in excess of $100 million. Third, contractors are provided an opportunity to ask follow-up questions after a debriefing.

The deputy director of defense procurement and acquisition policy tasked the DFARS Contract Administration Committee to draft the proposed rule implementing Section 818. The report is due in March. Congress has provided a deadline of six months from the date of enactment to implement these changes.

Under the new rules, a debriefing — oral or written — is required for all awards in excess of $10 million, regardless of whether it was a negotiated procurement conducted under FAR Part 15. Not only does this affect contractors’ rights with respect to debriefing, but it also affects the deadline for filing a timely bid protest where debriefings were not previously required. Even if the information was known prior to the debriefing, a bid protest may only be filed after the debriefing, and no later than 10 days after the debriefing if filed at the GAO. But note that a protest must be filed within five days of the debriefing to trigger the Competition in Contracting Act’s automatic stay of performance.

The most significant change is the requirement to disclose a redacted source selection determination for awards in excess of $100 million.

In addition, small business contractors and nontraditional contractors are provided an option to request the same redacted disclosure for awards in excess of $10 million. The successful awardee is also entitled to the same debriefing and disclosure rights as the unsuccessful offerors.

Unsuccessful offerors are provided an opportunity to submit follow-up questions related to the debriefing within two business days following a post-award debriefing. The agency is then required to answer in writing within five business days after receipt of the follow-up questions. The debriefing is then considered complete when the agency responds to the unsuccessful offeror’s questions.

While these deadlines may appear short, it is in line with the deadline for filing a timely bid protest at GAO, which is 10 days after a required debriefing. Offerors will still have an opportunity to file a timely bid protest even after the post-debriefing Q&A process.

The ultimate impact of these changes will depend on the regulations issued to implement the NDAA provisions, so contractors should carefully monitor developments over the coming year.”



For Defense Contractors New Qualification Cyber Rule Requires Auditable Plan Documents


Internet security


“Making a system security plan and plan of actions and mitigations is crucial to winning new business and keeping existing contracts this year and moving forward.

Here are some tips on how to approach creating and utilizing these complex compliance documents.”


“Contractors and their supply chain with active Defense Department contracts, or those that plan on doing business with it, must assure that any of their data systems that transmit, process or store controlled unclassified information are compliant with National Institute of Standards and Technology Special Publication 800-171 “Protecting Controlled Unclassified Information in Non-federal Information Systems and Organizations.”

It’s clear that meeting the Defense Federal Acquisition Regulation Supplement 252.204-7012 mandate to comply to the special publication is a required priority for defense contractors, subcontractors and suppliers.

First of all, DFARS compliance includes safeguarding all controlled unclassified information and “covered defense information.” Contractors must report cyber-related incidents to the Defense Department and any deviations or gaps from NIST SP 800-171. They must show progress on a “plan of action with mitigations” and report and maintain a “system security plan.”

The plan of action with mitigations and system security plan are important artifacts to use to demonstrate your adherence to the NIST 800-171 guidance. Defense contractor or suppliers will need to submit these compliance documents to the department or a prime contractor, preferably sooner rather than later. Defense Department documentation calls these type of artifacts “critical inputs to an overall risk management decision to process, store or transmit” controlled unclassified information.

Contractors processing, storing or transmitting controlled unclassified information must meet these security standards at a minimum that were laid out in the Defense Federal Acquisition Regulation Supplement. Those who decide to avoid it, unfortunately risk losing contracts this year and in years moving forward and even risk falling under the False Claims Act. Especially if a company has already received a questionnaire, it’s important that it submit its compliance status truthfully, and prepare compliance documents now if it wants to keep its customers.

Identifying the scope and target of valuation is important here. There are approximately 120 controls included in NIST SP 800-171 and assessing each of these controls for documents, for every component of a system, can be a massive undertaking for an organization. By identifying only those components that are either directly or indirectly in scope, a contractor can reduce the list of areas that need to be assessed.

Having these two documents proving each control status and plan for remediation allows an organization to address the DFARS 252.204-7012 requirement for 2018. The key is showing where the gaps are, a plan for remediation and progress according to that plan.

Here is the direct guidance from the Office of the Under Secretary of Defense: “NIST SP 800-171 was revised (Revision 1) in December 2016 to enable non-federal organizations to demonstrate implementation or planned implementation of the security requirements with a “system security plan” and associated “plans of action.”

The security requirement 3.12.4 — system security plan, added by NIST SP 800-171, Revision 1 — requires the contractor to develop, document and periodically update system security plans that describe system boundaries, system environments of operation, how security requirements are implemented, and the relationships with or connections to other systems.
Security Requirement 3.12.2 — plans of action — requires the contractor to develop and implement plans of action designed to correct deficiencies and reduce or eliminate vulnerabilities in their systems.

The goal is to assess the target of evaluation defined in step one and the components identified in step two of the process against the controls. Both current and target scores should be recorded to enable a gap analysis that will feed the two documents.

A system security plan can be critical to fully documenting compliance. Revision 1 to NIST SP 800-171 added another control to the set that requires the creation of a plan to “describe[s] the boundary of [a contractor’s] information system; the operational environment for the system; how the security requirements are implemented; and the relationships with or connections to other systems.”

In addition to the plan of actions and mitigations, the system security plan “describes how and when any unimplemented security requirements will be met, how any planned mitigations will be implemented, and how and when they will correct deficiencies and reduce or eliminate vulnerabilities in the systems.”

That means that the documents must describe the requirements, how a contractor plans to remediate for each of the controls, and a timeline for remediation in the organization.

That is just the bare bones, as there is much more information that can be included for compliance such as team members in charge of controls, deadlines and technology that will be adopted in remediation steps.

A great deal of company resources will have to be allotted to getting these documents ready if requested. Regardless of the method, these documents are key for saving contracts if not yet fully compliant, and will put a company in good standing for primes or contracts against the competition.

In 2018, contractors need to ensure they are working on becoming compliant using these documents, and that they can demonstrate competitiveness and adherence to the regulations if the business relies on defense-related revenue.”


Federal Workers Earn 32% Less Than Private Sector Employees Doing The Same Jobs

Fed Emloyee Salaries

Federal employees see nearly 32 percent less on their paychecks than their private-sector counterparts, according to a recent report by the Federal Salary Council’s Locality Pay Working Group. (Getty Images)


“Federal employees on average see a 31.86 percent difference between their paychecks and those doing the same work in the private sector according to an April 10, 2018, report submitted to the Federal Salary Council by its Locality Pay Working Group.”


“The working group calculates the pay gap between federal employees and their private-sector counterparts by taking sample data from the Bureau of Labor Statistics’ National Compensation Survey in areas of the country in which federal employees receive locality pay and averaging those pay rates into a format that is comparable with federal general schedule rates.

Federal employees can receive locality pay on top of what the general schedule rates allow for their position if the government has determined that the cost of living in that locality is higher than the rest of the U.S.

These 46 established and four pending locality pay areas can span wide swaths of the U.S., such as the entire states of Hawaii and Alaska, to make up for cost-of-living expenses.

The Washington-Baltimore-Arlington locality, for example, would have seen a nearly 88 percent pay disparity from 2015 to 2017 without the addition of locality pay, according to the report.

The target disparity for the whole of the federal workforce is five percent, according to the report, giving the government a long way to go to bring employee pay in line with targets.

In 2017 and 2018 reports, the Council recommended that Burlington, Vermont; Virginia Beach, Virginia; Birmingham, Alabama; and San Antonio, Texas, be established as new locality pay areas, and the President’s Pay Agent approved that recommendation, though the regulatory process to make that change has yet to be undertaken.

For 2019 pay, the working group also recommended that Corpus Christi, Texas, and Omaha, Nebraska, be established as locality pay areas, as pay disparities in those areas have exceeded the rest of the U.S. by more than 10 percent in the past three years.

Federal employee base pay has seen fairly steady increases since 2014, hovering at or just above one percent. U.S. code calls for increases in basic pay equal to the percentage increase in the Employment Cost Index minus half a percent. As the ECI increased to 2.6 percent in September 2017, the GS basic pay increase for 2019 should be 2.1 percent.

The working group’s report was submitted during an April 10, 2018, meeting of the entire Federal Salary Council, whose full report to the Pay Agent will be made available in the coming weeks.”


U.S. Army Prioritizes Research And Development (R&D) Funding And Intellectual Property Policies


Army Reaearch and Development


“The idea is to put the money not on various projects that may have been growing with a life of their own, but instead bring that money back against the top six priorities.

More commercial model that may involve purchasing licenses from industry.  Industry can also license intellectual property from the government.”

“The Army’s assistant secretary for acquisition, logistics and technology is looking to aid the service’s modernization efforts by implementing new policies regarding research and development and intellectual property.

Bruce Jette said the Army has already realigned R&D funds to meet its top modernization priorities, which include long-range precision fires, a next-generation combat vehicle, future vertical lift platforms, a mobile and expeditionary communication network, air and missile defense capabilities, and soldier lethality.

“The idea is to put the money not on various projects that may have been growing with a life of their own, but instead bring that money back against the top six priorities,” he said March 28 at the Association of the United States Army’s Global Force Symposium in Huntsville, Alabama.

Additionally, Jette’s office wants to give more freedom to researchers and lab directors by providing some funds that are specifically geared towards innovating technologies that the military may not have anticipated, he noted.

“We can’t … incrementally engineer breakthroughs, and that’s what we’re trying to do is give them the freedom to do that,” he said.

Jette said the service is also working to establish a fund aimed at crossing the “Valley of Death,” referring to the process for transitioning new technologies into existing programs of record.

For example, a senior commander “would sit there and say ‘OK, one of the guys has this project, he’s got it done, it’s ready, and do we want to actually put it into that program?’” Jette said.

Following consultation with the program manager, senior leaders would then make a decision on the way forward, he explained. “We decide it’s worth it. We do it with our eyes open and … then we fund the transition.”

Jette also wants to improve how industry and the government handle intellectual property. Both sides have been “sloppy,” he said.

“The government starts using your IP, you start using the government’s IP, you can’t get extricated and we begin having unpleasant complications,” he said. There needs to be movement towards a more commercial model that may involve purchasing licenses from industry, he added.

“I’ve done this on the outside. Show me the box — that’s your IP. Put that in the bid. Show me what the limits of that [are],” he said. “Tell me what you want to do for licensing … [and] we can have conversations.”

Industry can also license intellectual property from the government, he noted.

If “we built something and … you want to apply it commercially, you want to apply it to another effort, I’m willing to talk about licensing fees,” he said. “Most people don’t realize that, but the government can get paid for their intellectual property.”





GSA SAM Registration Hackers Used Spearphishing









“It’s unclear how much the scammers have netted through their scheme, which is being investigated by the GSA inspector general and federal law enforcement.

GSA’s System for Award Management, or SAM.gov, didn’t provide two-factor authentication or use an email protocol designed to protect against incoming emails with spoofed domain names in their addresses. “

“Cybercrooks who stole federal payments by hacking contractor accounts on a GSA website used sophisticated spearphishing techniques to steal login credentials and then diverted payments to bank accounts they controlled, an executive of a contractor targeted in the scam told FedScoop.

The inspector general’s office declined to comment, but sources familiar with the investigation told FedScoop that the cyberattacks that facilitated the fraud had been identified last year and were ongoing as recently as last week.

Targeting was also aided by the rich data the website provided.

The scammers “didn’t need to do any reconnaissance or research, the usual kind of social media engineering” to find out who at each company controlled the SAM.gov account, the executive said. “SAM.gov handed them the targeting intelligence they needed for the campaign.”

The public website has a search function that enables visitors to identify the point of contact for any company with an account on the site — which contractors can use to manage the payments they receive under federal contracts.

“It’s a spearphishing guide,” said the executive, who asked not to be identified because of the sensitive nature of the case. The emails sent to the points of contact “were very high quality,” said the executive, adding that they appeared to come directly from SAM.gov and contained a message asking recipients to click on a link to a fake login page. “It was a high quality facsimile of the real page,” the executive said. When the recipient entered their username and password, the page harvested them, then redirected the user to the real site, along with random login data.

“What you see next [after entering your information] is the real login page with the error message, so you think you’ve fat-fingered it,” explained the executive.

Having harvested the credentials for the account administrator, the hackers were able to login and use the site’s management functions to change the bank accounts into which federal payments were delivered.

Security experts say such attacks can be prevented by at least two baseline best practices that SAM.gov lacked:

● Two-factor authentication (2FA) — requiring the user to identify themselves via a secure hardware token or one-time passcode sent to their mobile phone, in addition to their password. But SAM.gov didn’t offer that option for account administrators, the executive said.

● DMARC, or Domain-based Message Authentication, Reporting and Conformance, is the industry standard measure to prevent email spoofing — when hackers make their messages appear as if they come from trusted correspondents. If DMARC had been deployed and enabled, spoofed emails purporting to come from SAM.gov would have been marked as spam or simply discarded. SAM.gov has a DMARC record, but enforcement has not been switched on.

A GSA spokeswoman declined to address specific questions about 2FA and DMARC. “This is an active law enforcement-sensitive investigation,” she said in an emailed statement. “GSA has made public as much information as it is able on our website and will continue to update accordingly.”

The executive from the targeted company was very critical of SAM.gov’s security. “It’s ridiculous how poorly put together that site is,” he said, adding that when the company first discovered the cyberattack, he struggled to find a point of contact at GSA to report it to.

“I couldn’t convince anyone to listen to me,” he said. After his initial contact with federal
investigators last year, “There was silence for months,” he said.

“Once they knew there was a problem, they had a responsibility to notify the site’s users… Everyone with an account should have been told to check whether their banking information had been changed … There are a thousand things they could have done.”

“The problem is not they had a problem, everyone has problems” concluded the executive. “The problem is the glacial speed with which they’ve responded.”


Related GSA Announcement:








The Small Business Federal Government Contracting “Past Performance” Challenge


Past Performance


“As a small business begins the proposal submission process to federal government agencies or to prime contractors the past performance requirement is a major challenge. 

How can a new organization or one that is new to government contracting muster a response? High quality proposals based on commercial success and teaming with other historically experienced government contractors are two principal techniques.”

“By definition a start-up company in government contracting has no direct government agency past performance projects to site in meeting the requirement in requests for proposals (RFP’s) for historical references to similar projects in terms of size, duration and complexity.

Past performance data must be specific to the enterprise bidding a contract. It cannot site historical references to performance of individuals now in the company when they were with other firms, achievements by predecessor companies or successful projects that the current company did not perform as its current entity. The purpose for this rigid perspective by the government is to avoid “Fronting” a new enterprise with misleading information to obtain a high past performance rating.

The answer to the past performance challenge lies in historical projects that may be similar in the commercial arena and a high quality proposal that clearly demonstrates an understanding of the requirement at hand, a unique and cost effective project plan and high performing personnel and/or products tailored to the statement of work to offset an interim, light past performance record.

A past performance reference sheet usually accompanies an agency RFP. It normally requires the bidder to fill it out with references to historical projects the company has performed and the contact points for confirmation. The government may request these forms in advance of the main body of the proposal to allow enough time to send them to the references. The past performance form is sent by the government to the references and you never see the result. The input goes directly from your past performance references back to the government.

For details on past performance formats and records processes please see Your Past Performance Record

Many small businesses work through prime contractors to “Grow” past performance history (subcontracts count). By teaming with a sizable firm a small entity can relate its participation to larger projects and ultimately graduate to a good library of references, carefully maintained and kept as a living, growing data base of good customer service records that can be sited again and again in proposals.

It is wise to keep customer perceptions of your professionalism and products or services alive by constant vigilance, visits, surveys and other feedback mechanisms so that you are not surprised at a proposal debriefing when you find that a client you thought rated you highly did not.

The major services maintain past performance records by contract that you can access. Inquire with them as to a membership at the appropriate web site and review them regularly. The GSA utilizes service companies to rate contractors. You can get your rating by inquiring with them, much like a credit rating, except pertinent to cost, schedule and technical performance. Monitor your D&B report. It is always out there for prime contractor and government assessment of your financial health, your vendor payment history, your organization profile and your rating.

The U.S. Federal Contractor Registration USFCR  has a narrative to profile your company. Check your registration and insure you have a current and complete description of your supplies and services available to all who use the Dynamic Search Mechanism Dynamic Small Business Search (DSBS)

Insure your web site, your capability statement and your marketing plans are maintained current alive and dynamically reflective of your successes as you pursue new business and carefully develop your library of past performance records by project with accessible profiles to use in your government proposals.”


Ken Fluther

“Small to Feds” is maintained by Ken Larson a Veteran of 2 tours – US Army Vietnam.  As a Volunteer Counselor, he assists many small businesses with their planning and operations processes. Subsequent to his military service Ken spent over 30 years in federal government contract management and 10 years in small business consulting. He  assists small companies wishing to enter or enhance their position in federal government contracting or grow their commercial enterprise.





Defense Companies Funneling Newfound Tax Reform Cash Into Corporate Pension Offsets

Defense company pension Liability

Generally speaking, the biggest recipient of cash infusion happens to be pension plans.. (doomu/Getty Images)


“Most companies froze them a decade ago or longer. But that didn’t eliminate the liability that comes with having to reserve funds for paying out retirement to the many individuals that already have built up those nest eggs.

So it’s understandable then that Lockheed would decide to make a whopping $5 billion cash contribution into its pension trust in 2018, satisfying required payments until 2021. It also explains Raytheon’s contribution of $1 billion, Northrop’s $500 million and Harris’ $300 million, to just name a few more.”

“If you listened to the annual earnings calls of the major, public defense companies (wait, does everyone not do that?) then you might have noticed a common theme.

They’re all going to have more cash. And a lot of them have similar plans for how to spend it.

One of the advantages of the tax reform law was to trim the corporate tax rate from 35 percent to 21 percent, which, in the words of Lockheed Martin’s CEO Marillyn Hewson, “reduces the combined U.S. corporate tax rate from the highest in the industrialized world, in line with the tax rates used in the most advanced economies.”

In the short term, most companies experienced a little bit of hurt by way of a one-time non-cash increase to income tax expense; it showed in earnings, with some falling short of guidance. But the advantages will certainly kick in starting next year.

So then what do companies have in mind? The idea behind the corporate tax cuts, if you ask the Trump administration, was jobs. And longer term, that conceivably will happen among the defense companies. But first, the money is going to other things. And generally speaking, the biggest recipient of cash infusion happens to be pension plans.

If pensions seem “so 1990s,” it’s because they kind of are. For years, that liability has been an enormous drag on the books for companies, particularly those that have been around for a long time (meaning just more obligations).

But here’s what’s interesting about pension liability — and bear with me here, since it’s complicated and I’m not a financial expert: Liability is so high because interest rates are low, and interest rates are used to calculate long-term obligations. Because pension payouts run so far into the future — 60 to 70 years to cover the lifespan of all participants — a company’s plan must predict how much it needs in the short term to cover future payments. That’s done by using an assumed discount rate based on the interest rate of fixed-income securities. Make sense? Put simply: The lower the discount rate, the higher the assumed pension obligation.

Of course, that very reason makes pension liabilities “artificially high,” in the words of Lockheed CFO Bruce Tanner, when he was kind enough to walk me through all this in 2012. I remember this statistic being quite telling: If the interest rate increased to 7.75 percent at that time, Lockheed’s unfunded liability of $12.78 billion in 2012 would have suddenly become zero. Rates have remained low, so pension liability has remained high.

So then what’s the point? If pension liability is something of a false drag on the books, and if we all assume that interest rates will eventually rise, then couldn’t this newfound infusion of cash be better spent elsewhere — acquisitions, research and development? Executives assured investors that too was happening — if not now, then soon.

Lockheed said it’s exploring such things as employee training and educational offerings, increasing charitable contributions in STEM, and increasing the company’s ventures investment fund for early-stage companies developing disruptive tech. And Harris will invest $20 million in technologies to accelerate innovation and affordability efforts for customers, also granting each of its roughly 17,000 nonexecutive employees 10 shares of Harris common stock. That brings a current market value of about $1,470 each, or approximately $24 million in total.

So other investments are happening. It’s also important to consider that companies are using the tax cut windfall to front-load pension contributions before tax rates fall from 39.6 percent to 37 percent. Getting the most for their contribution, so to speak. That makes particular sense amid chatter mentioned by Richard Safran of Buckingham Research Group on an earnings call that the Pentagon might look to claw back some portion of the tax benefit from defense companies either by renegotiating existing contracts or re-pricing items on future ones.

Short-lived benefits? Too soon to tell, but better to take advantage now.”