Carolyn R. Cody-Jones
A recent decision in the federal district court for the Eastern District of California is one of the first to recognize application of the False Claims Act (“FCA”) to Department of Defense (“DoD”) cybersecurity requirements, and will likely encourage future lawsuits alleging noncompliance with federal cybersecurity procurement regulations. In United States ex rel. Markus v. Aerojet Rocketdyne Holdings, Inc., No. 2:15-cv-2245 WBS AC, 2019 WL 2024595 (E.D. Cal. May 8, 2019), the court denied the defendant contractor’s motion to dismiss qui tam complaint fraud allegations against the company. The complaint—brought by a former employee from the company’s cybersecurity department a month after his termination from the company—alleged the defendant fraudulently entered into DoD and National Aeronautics and Space Administration (“NASA”) contracts despite knowing that it did not meet the minimum standards required to receive the awards. The court permitted the case to move forward despite the government declining to intervene.
The primary regulations at issue in the case are DFARS 252.204-7012, which recently required, as of December 31, 2017, that contractors have a cybersecurity plan in place complying with 110 recommended security control standards set forth in NIST SP 800-171. However, the court’s decision in Aerojet Rocketdyne focused on the previous 2013 final rule and the two interim rules in 2015 implementing DFARS 252.204-7012, and also a NASA cybersecurity regulation at 48 C.F.R. § 1852.204-76 involving contractor security controls for sensitive but unclassified government information. Continue reading “Eastern District of California Allows False Claims Act Allegations Based on Noncompliance with DoD Cybersecurity Requirements to Go Forward”
Brian S. Gocial and Stephanie M. Harden
As government contractors know well, a robust compliance program can be critical—both in preventing, detecting, and resolving compliance problems and in working with agencies and/or the Department of Justice (“DOJ”) to resolve compliance issues when they arise. Though DOJ has previously issued guidance on how it evaluates corporate compliance programs, on April 30, 2019, it greatly expanded upon its earlier guidance with a lengthy new guidance document. The document is notable for its emphasis not just on the design of compliance programs, but also on their effectiveness in practice. The document is a useful benchmark for contractors to evaluate their compliance programs, as well as to demonstrate their affirmative responsibility to agencies when facing agency-level investigations.
The guidance document focuses on three central questions:
- Is the corporation’s compliance program well designed?
- Is the corporation’s compliance program implemented effectively?
- Does the compliance program actually work in practice?
The following outline provides a summary of the various factors DOJ discusses in connection with each of these questions—and more information on each topic can be found here.
Contractors should assess how their own compliance programs measure up against these factors: Continue reading “What Contractors Should Know about DOJ’s Revised Guidance on Evaluations of Corporate Compliance”
Luke W. Meier
The effort to create an “Amazon-like” market for Government purchasing has taken another step forward. After completing its market consultation phase, the General Services Administration (“GSA”) has now put forth a proposal for an e-commerce test portal, through which federal agencies will be able to purchase commercial products from a select group of vendors that will set up new online marketplaces specifically for federal purchasing. (See Phase II Report here.)
To simplify regulatory requirements, all purchases on the test portal must be within the micro-purchase threshold—currently $10,000 for most types of purchases. To expand the breadth of its trial run, GSA has asked Congress to temporarily raise the micro-purchase threshold to $25,000 “for a limited period of five years,” only with respect to purchases “through GSA-approved commercial e-commerce portals.”
The scope of the trial program also will depend on which (and how many) vendors receive the “initial proof of concept contracts” to sell products through portals during the trial run. To avoid being locked in to a single supplier, GSA has said it needs “at least two [vendors] or we won’t award.” Will Amazon itself be a vendor? Right now, GSA says it is unclear “if Amazon will compete” for a spot in the pilot program.
Contractors with an interest in the direction of this effort should continue to express their views. Feedback from the pilot program will guide GSA’s next steps as it decides how to move forward with the commercial e-commerce purchasing concept.
Merle M. DeLancey Jr.
If you’re like me, it’s the time of year when you clean out your garage and closets and do all those outside projects you delayed until the weather warmed up. If you are a government contractor, you should consider this to be the season to do some spring cleaning in terms of your government contract compliance programs and procedures. Not to be an alarmist, but there are numerous areas you can review now and, if you should find some compliance deficiencies, you still have ample time to get your house in order before an agency audit or the deadline for submission of certain government reports.
Set forth below is a list of areas you may want to clean up: Continue reading “Spring Cleaning for Government Contractors? Think Compliance.”
Merle M. DeLancey Jr.
On March 25, 2019, the Office of Federal Contract Compliance Programs (“OFCCP”) issued a Corporate Scheduling Announcement List (“CSAL”) for FY 2019. As it announced in February, OFCCP changed how it notifies government prime contractors and subcontractors that they may be subject to a compliance review. Rather than sending the traditional advanced notification letters, OFCCP posted the FY 2019 CSAL on its website. In addition to the CSAL, OFCCP also posted its Scheduling Methodology, CSAL Frequently Asked Questions (“FAQs”), Corporate Management Compliance Evaluation (“CMCE”) FAQs, and a link to its Section 503 Focused Review page.
OFCCP significantly increased the number of contractors potentially subject to review to more than 3,500. OFCCP’s CSALs for FY 2018 and 2017 identified 1,003 and 802 contractors, respectively. Continue reading “OFCCP Releases FY 2019 CSAL”
Sara N. Gerber
According to a recent U.S. Government Accountability Office (“GAO”) report, the Defense Contract Audit Agency (“DCAA”) and the Defense Contract Management Agency (“DCMA”) have taken certain steps to improve the contractor business system (“CBS”) review process and are forecasting that CBS reviews will increase significantly over the next four years. Contractor business systems include a contractor’s accounting, earned value management, estimating, purchasing, material management, and property management systems. These systems require contractors to maintain internal controls that, as GAO noted, “act as the first line of defense against fraud, waste and abuse of federal funding.” Given their importance, the renewed focus on ensuring CBS reviews are conducted in a timely and consistent manner is not surprising, and contractors should prepare for a new wave of audit activity. Continue reading “Renewed Focus on Contractor Business System Reviews”
Merle M. DeLancey Jr.
While the introduction of state legislation that would require drug manufacturers to disclose pricing and other information did not slow down in 2018, the number of bills that were made law did slow down. During 2018, 22 state legislatures considered bills seeking to require drug manufacturers to disclose pricing information; however, most of the legislation failed.
Two New State Laws
Since my Drug Manufacturer Pricing Disclosures: Mid-Year 2018 Update, two states—Vermont and New Hampshire—passed laws that arguably touch on requiring pharmaceutical manufacturers to report drug prices. Continue reading “States Pass Fewer Drug Manufacturer Pricing Disclosure Laws in 2018”