The BDO GovCon Week Ahead - August 2022

August 29, 2022

Federal Contractors Are Getting Left Behind in the Race to Implement Zero Trust
Over the past year, Zero Trust Architecture (ZTA) has made its way to the top of numerous cybersecurity-related federal mandates, securing its place as the future standard of IT security in the federal space. The Office of Management and Budget (OMB) Memorandum M-22-09, released on Jan. 26, 2022, requires that federal agencies operate on a compliant ZTA basis by the end of government fiscal year 2024.
Unlike many federal mandates, which get executed and leave agencies to their own devices to meet the requirements, the government has been extremely involved and supportive in driving this goal forward and monitoring progress. Agencies were required to develop ZTA implementation plans, and those plans have been submitted to multiple government entities, which have dedicated cyber experts reviewing and revising them to ensure each agency’s plan will meet a consistent enterprise-wide baseline of ZTA expectations. Based on those plans, the government has also provided agencies with increases in their budget and established a Technology Modernization Fund (TMF) where they can apply for more funds, if needed. Given all of this support, it is not surprising to hear that federal agencies are becoming far more advanced in their security than their federal contractor counterparts.
Several federal mandates, including draft versions of the National Defense Authorization Act, have tried to extend these requirements to federal contractors but authorities have not been able to agree on how ZTA should be implemented at that level. Much of this conflict stems from how important cybersecurity truly is, the awareness that federal contractors are ill equipped to implement this and so may erroneously certify compliance, and how much support and involvement is therefore needed from the government to extend this on a nationwide basis effectively. Regardless, federal contractors should be prepared to see something soon. It may be a full-scale ZTA compliance requirement in solicitations and awards where contractors are left on their own to comply, a stopgap where federal contractors will have to operate on a government-provided ZTA compliant system, or a requirement that a cyber expert certified by the government in ZTA expertise, review and approve your security before an award. In any case, federal contractors should be focusing resources on cybersecurity so they don’t fall too far behind in the next steps to ZTA compliance.

For more information, please visit this link.

Do Not Pass Go, Do Not Collect $200 

Earlier this month, Senators Elizabeth Warren and Ben Ray Lujan wrote to the Department of Justice (DOJ) calling for action against corporate criminals that defraud the government with little to no penalties. DOJ is granted the prosecutorial discretion to suspend or debar companies from the government contracting process, yet in 2020, only issued three suspensions and eight debarment actions.
The senators sent the letter to Attorney General Merrick Garland and Deputy Attorney General Lisa Monaco and detailed how companies have engaged in years-long schemes against the government but continued to perform on and receive government contracts. The senators detailed how several companies have engaged in corrupt actions but were only penalized with a fine and have continued to receive large government contracts since. 
The senators have also asked DOJ to expand its use of suspension and debarment actions in four ways:

  1. Debarment for corporate entities and not just individuals: The company as a whole can pose a threat to the government due to lack of oversight or corporate negligence, and it is not always the result of a single bad actor.

  2. Use debarment government-wide: DOJ should be able to debar entities that contract with any federal agency, and it should not be left up to the individual agency to take action against the company.

  3. Consider debarments for all corporate misconduct: This includes debarments for activities such as tax evasion, bribery, and health and safety misconduct.

  4. Use suspension authority: DOJ should be able to step in and place restrictions on companies while their actions are being reviewed for misconduct in order to protect taxpaying citizens.

For more information, please visit this link and this link.


August 22, 2022

Congress Says “All Systems Go” to NASA Mars and Moon Missions 
Last month, Congress passed the National Aeronautics and Space Administration (NASA) Authorization Act of 2022 as part of the Creating Helpful Incentives to Produce Semiconductors for America Act of 2022. This is the first NASA Authorization Act since 2017, demonstrating a renewed commitment from Congress to promote American space exploration. The act provides guidance for NASA on several programs.
Some of the most notable authorizations include the creation of the Moon to Mars program to send a manned mission to Mars, the fulfillment of the Artemis missions to the moon, and an extension of International Space Station’s operations through 2030. The act also requires NASA to create or extend several other development projects to support safe and effective space activities as well as a continuation of NASA’s search for life beyond Earth.
In addition to the programs mandated in the latest NASA Authorization Act, Congress tasked NASA with performing a study surveying the civil space industrial base’s infrastructure, supply chains and workforce capacity. This study could highlight sectors in need of further development and identify federal contractors capable of supporting the NASA Authorization Act’s objectives.
Though the NASA Authorization Act of 2022 does not specify any new funding, aerospace technology contractors should be prepared to bid on any new contracts resulting from NASA’s congressional mandate to create, develop and extend the programs detailed in the act.

For more information, please visit this link.

Invention Is 10% Inspiration and 90% Perspiration 
Subject invention disclosures just got a little easier with a facelift to the modernized Interagency Edison system (iEdison). Each year, the federal government issues more than $150 billion in research and development contracts/awards with the stipulation that organizations receiving funding report the inventions made possible by that funding. In 2021, more than 21,000 patents and 8,500 inventions were reported in iEdison.
Earlier this month, the National Institute of Standards and Technology (NIST) launched a redesigned iEdison platform, where federal contractors and grant recipients can submit their invention and patent disclosure reports in accordance with the Bayh-Dole Act. Bayh-Dole permits federal contractors and award recipients to retain title to their subject inventions, pursue patent protection and grant the government limited-use rights on taxpayer-funded inventions.
NIST hopes the iEdison updates will reduce the time and effort involved with the process and “will help inventors, awardees and the government manage investments efficiently and transparently,” according to Mojdeh Bahar, NIST Associate Director for Innovation and Industry Services. Notable upgrades to iEdison include the following:

  • Easier updates of patent information through direct links to the U.S. Patent and Trademark Office
  • A new messaging feature that allows organizations to communicate directly with their funding agencies
  • Automation of certain tasks via an expanded application programming interface

Stay tuned to the BDO GovCon Week Ahead for future updates and do not hesitate to reach out to your friendly BDO GovCon consultant for questions on Bayh-Dole, iEdison or any other federal contract/grant compliance matters.

For more information, please visit this link and this link.


August 15, 2022

The Attention Surrounding Conflicts of Interest
Earlier this month, the Senate passed a bill requiring government contractors to disclose all business relationships they are engaged in prior to being awarded a contract. The bill, Preventing Organizational Conflicts of Interest in Federal Acquisition Act, comes after a large consulting company was fined $600 million in 2021 for conflicting working relationships with both the opioid crisis and the Food and Drug Administration. This instance exposed how easily conflicts of interest can arise in government contracting and the dangers they pose to the public.
The goal of the bill is to prevent government contractors from using taxpayer dollars to advise their clients in a way that would have a negative effect on the American people. If this legislation is enacted, contractors will need to disclose any potential conflicts of interest before they receive a government award. The bill will also include new clauses and standards to prevent organizational conflicts of interest while a contract is in place and will further assist agencies in determining whether contactors are violating any of these regulations. This will ensure government contractors are not prioritizing business relationships, such as Big Pharma, over the best interests of the American people.

For more information, please visit this link

I’ll Pay You When I Get Paid: The Enforceability of PIP/PWP Clauses
Pay-if-paid (PIP) and pay-when paid (PWP) clauses are often found in construction subcontracts, which allows the prime contractor to pay subcontractors only after they themselves are paid. These clauses often delay subcontractor payments and have been a point of contention between contractors and subcontractors across the country for many years.
The commonwealth of Virginia recently amended its prompt payment and wage theft statutes to prohibit the use of PIP clauses in both private and public construction relationships. PWP clauses are generally not viewed in as negative a light as PIP clauses That’s because courts typically consider PWP clauses as establishing timeline of payment, rather than shifting nonpayment risk to the subcontractors as do PIP clauses. The new law, effective Jan. 1, 2023, still allows PWP clauses, but requires that those clauses set a reasonable period of no more than 60 days for any subcontractor payments. Several other states also prohibit PIP clauses. For instance, California and New York have struck down PIP clauses in contracts that were litigated, and some other states still enforce PIP clauses, but acknowledge those clauses are generally disfavored and have encouraged other statutory provisions that mitigate their negative effects.
Since the treatment and enforceability of PIP clauses can have a major impact on payment liability and increase the risk of a dispute between the contractors and subcontractors, federal contractors and subcontractors need to keep apprised of state law and guidance on these clauses.

For more information, please visit this link



August 8, 2022

Not All Data is Good Data 
In today’s ever-changing world, data has proven time and time again to be an invaluable asset. New technologies, such as artificial intelligence, machine learning, and automation tools can use data to provide federal agencies with critical insights to help them grow, improve efficiency, and prepare for the future. However, the success of these technologies is dependent on clean and accurate data.
Jamie Holcombe, CIO for the U.S. Patent and Trademark Office (USPTO), had to learn this lesson the hard way. When the USPTO attempted to utilize machine learning in a wide-scale classification project, they ran into problems due to data quality issues. In a recent panel, Holcombe expressed, “we did start out with a lot of dirty data in our classification project and what we found is after about six months, we were getting diminishing returns.” Melvin Brown, Deputy CIO of the USPTO, warned, “automation is only gonna [Sic] be as smart as the data we feed it.”
Data security is another crucial factor as we continue to incorporate data and automation into business processes. Several agencies are adopting hybrid multi-cloud IT environments. Improved advanced cloud technology will also require improved layers of security as these IT environments can expose agencies to vulnerabilities that they have not previously experienced. Data security is evolving to keep up with smarter threats, but many agencies are still seeking better solutions.
Data automation will continue to evolve and be utilized to improve federal agencies and their objectives. However, if the data is not clean and secure, it could all be for nothing.

For more information, please visit this link.

Loopholes in the Buy America Act 
Under the Trade Agreements Act (TAA), all products listed on a General Services Administration (GSA) Schedule Contract must be manufactured or “substantially transformed” in the United States or a TAA “designated country”, but this only applies to contracts exceeding the TAA threshold (currently $193,000). For supply contracts under this threshold (and exceeding the micro-purchase threshold), the Buy American Act (BAA) applies in place of the TAA, and this is where the loophole lies.
The BAA does require provided products to qualify as “domestic end products”, however, if a product is not BAA compliant it may still be purchased by the Government. These non-compliant products have a penalty imposed by adding 6% or 12% (depending on whether small or large businesses are involved) to its price for comparison to BAA compliant products offered by competitors. Another issue with the BAA arises when a non-manufacturer waiver (NMR) is used. The Small Business Administration (SBA) can issue a waiver which then allows small business resellers/dealers to supply the product of any size business without regard to place of manufacture.
The preference is for the purchase of domestic products, but the price evaluation differential is only a small barrier for businesses that may rely on foreign countries for production. Taking advantage of this loophole may limit market access for domestic manufacturers that otherwise could meet the government’s contractual needs with domestic products. Some experts believe these rules create a “self-inflicted challenge to our domestic supply chains” and are calling on the TAA to be applied consistently, to close any backdoors opened by the BAA.
Stay tuned to the BDO GovCon Week Ahead for updates on how the Government will work to close these and other BAA loopholes.

For more information, please visit this link and this link.



August 1, 2022

Highlights of the Senate Armed Services Committee’s $847 Billion Defense Bill
On July 18th, the Senate Armed Services Committee (SASC) released its annual defense policy bill totaling $847 billion. This version of the fiscal year (FY) 2023 National Defense Authorization Act (NDAA) would authorize an increase of $45 billion above the Biden administration’s budget request. The budget is backed with intentions to help offset the high inflation that is directly impacting the Pentagon’s coffers, as well as the threat of China in relation specifically to their potential competition with the United States amid the Russian invasion of Ukraine.
The SASC chairman, Senator Jack Reed, said the following about the emerging threat posed by China: “The challenges before us are momentous. With broad, bipartisan support, this year’s NDAA increases funding for our national defense, invests in the platforms and infrastructure our military needs, and delivers critical resources for our allies and partners around the globe.” The bill outlines increased funds for combat aircraft, Navy and Marine Corps vessels, armored vehicles, munitions and short- and long-range fires, as well as the shipment of weapons to Ukraine.
Another key highlight of the bill is the increase in research, development, test and evaluation (RDT&E) funds. The defense bill authorizes $137.7 billion for these programs, over $7.5 billion greater than the initial budget request. Support is further outlined in the investment efforts for hypersonic, artificial intelligence (AI) and cyber platforms for the future battlefield.
After the Senate votes on its version of the bill, it will be reconciled with the House’s $839 billion FY 2023 version in the upcoming conference committees to come to a final version.

For more information, please visit this link and this link

If You’re Not First, You’re Last: The House’s 2023 NDAA Amendments and the Tech Industry 
On Thursday July 14th, the House passed amendments to the NDAA with a vote of 329-101. The bill includes many policy changes, but we couldn’t help but notice the impact it would have on the tech industry. Given the events of the past year, we have seen the importance of maintaining advantages in the tech industry and taking advantage of new, innovative technology, including unmanned aerial vehicles (UAV) and AI.
There is a lot of attention surrounding the Department of Defense’s (DoD) electromagnetic spectrum strategy, which is new as of 2020. The purpose of this policy is to unify the DoD’s electromagnetic spectrum enterprise activities, create a new governance infrastructure and promote a culture of innovation within its operations. The amendment highlights a need for more transparency surrounding the strategy and demands an unclassified version of the policy and plan in all future updates.
Going forward, you might be able to tell who is tracking your phone’s location. Following with the theme of transparency, the DoD is being called upon to report which agencies are tracking Americans’ phone locations and metadata. The House is requiring a public website to track which agencies are purchasing and using phone data and records, but it will not reveal any classified information.
Some other key takeaways from the bill are:

  • A reward program up to $2,500 for service members whose actions display innovation or technical achievement in the cybersecurity space.
  • A scholarship program for students who want to study in the cyber or tech fields; individuals chosen will get room and board covered and are required to work for the DoD for the same amount of time they are in the program.
  • The development of the National Digital Reserve Corps, which will allow private sector tech companies in the cybersecurity and AI spaces to temporarily contract with the federal government.
  • The Pentagon will no longer work with companies that have engaged in unfair labor practices under the National Labor Relations Act within the three years leading up to a contract award; this amendment comes with an effort to promote unionization among government contractors.

For more information, please visit this link.