Analysis: Midsize firms hardest hit by new requirement

Midsize federal contractors with $5 million to $500 million in annual revenues are likely to be hardest hit by the new mandatory self-disclosure requirements in the Federal Acquisition Regulation, according to a government contracts expert.

“This means the most to companies in the middle,” said Tony Fuller, a partner at Beers and Cutler law firm, during a forum in Washington today. “They have further to go to comply.”

Under new provisions that went into effect Dec. 12, 2008, federal contractors must report in a timely fashion when they have credible evidence of violations of federal criminal law, fraudulent acts and receipt of overpayments. Failure to do so could result in suspension or debarment from federal contracting. The rules apply to most federal contracts valued at $5 million or more.

Contractors also must institute ethics compliance and anti-fraud controls and train their employees about those programs.

Midsize contractors’ ethics and anti-fraud systems tend to be at varying levels of maturity, Fuller said. Some firms will need to take additional actions toward setting policies and procedures, training employees, and establishing control systems and documented processes to comply with the new rules, he said.

Some midsize firms are more lax than others. Large contractors generally conduct internal risk assessments annually, but midsize firms perform them only sporadically, he added.

Some small businesses and commercial firms are not required to have ethics programs under the rule, but they would be well advised to create them anyway to avoid the risk of negative repercussions if they are ever involved in a suspension or debarment proceeding, said Rebecca Pearson, a partner at Venable LLP.

“I’ve had suspension and debarment officials say you need an ethics compliance program,” Pearson said. “You need some sort of program.”

Employees must be made aware of the program, and it must involve training employees and providing for timely reporting and detection, due diligence and investigation, and corrective action, she said.

Several contracting experts said the new requirements represent a sea change in how contractors police themselves for fraud and how they relate to contracting officers, inspectors general and the Justice Department.

But Maryanne Lavan, vice president of internal audit at Lockheed Martin Corp., said her company has had ethics compliance and internal controls in place for many years, and the new rule builds on those practices.

“I would not say the requirement is a tsunami or a sea change but a wind across the lake,” Lavan said.