The US government continues to offer opportunities as the largest public procurement marketplace. But with the rewards come risks – from adjustments in procurement methods and competition to new compliance requirements and active enforcement. This article summarises the key trends and developments in US government procurement.

Issues Related to the COVID-19 Pandemic

The spread of the COVID-19 pandemic is influencing US public procurement during at least the first half of 2020. The US government is seeking to prioritise the procurement of critical health and medical resources. Other aspects of the response to the pandemic, such as reduced access to government facilities or state and local orders restricting business activity, are disrupting the performance of public contracts.

The US government is exercising extraordinary procurement authorities to acquire scarce health and medical resources, such as ventilators and N95 respirators. The Defense Production Act of 1950(DPA) authorises the US government to source critical products and services for "national defence preparedness", which includes emergency preparedness and response activities. In March 2020, the President issued three Executive Orders delegating authority to use of the DPA to the Departments of Health & Human Services and Homeland Security for the procurement of "health resources and medical resources needed to respond to the spread of COVID-19".

The DPA gives certain executive agencies within the US government the authority to do the following:

  • Issue "rated orders" that puts the US government first in line for the purchase of products and services;
  • Take "allocation actions" that allows the US government to reserve materials or facilities in anticipation of a rated order or even direct the use of a private facility;
  • Offer financial assistance for increase production of critical supplies; and
  • Facilitate voluntary agreements between competitors.

The DPA regulations contain details about a company's options for accepting or rejecting a rated order or allocation action and the strict deadlines for doing so. Compliance is important, as there are criminal penalties for the willful violation of the DPA. Companies receive liability protection under the DPA when filling a priority rated order causes the company to breach unrated contracts. 

The COVID-19 pandemic has also closed worksites, made certain contractor employees unavailable, and interrupted supply chains. All of these issues cause two significant challenges: potential loss of income and defaulting on contractual obligations with the US government or higher-tiered subcontractors.

Depending on the contract and circumstances, a contractor may be entitled to payment during interrupted performance. More common, however, is the scenario when the interruption of performance alters the US government's obligation to pay a company attempting to fully perform. There are regulatory permissions that may allow contractors to collect costs for continuing to pay employees and keeping them in a ready state. This is mirrored by language in Section 3610 of the Coronavirus Aid, Relief, and Economic Security (CARES) Act.

Further, most government contracts contain clauses that prohibit for the termination of contracts for default when the cause of that delay is a pandemic or quarantine. The US government, however, would still have the option of terminating a contract for convenience.

Labor and employment statutes unique to government contractors also create complications for contractors. Issues include tracking of pay and whether there is a "break in service" for the purpose of calculating vacation or whether employees can utilise mandated sick leave for COVID-19 related closures.

Foreign Investment Considerations

There are other trends and developments beyond the pandemic response.  Recently, the balance between the US government's support for foreign investment and the importance of protecting classified information tipped further towards national security concerns. The Committee on Foreign Investment in the United States (CFIUS) issued new rules expanding its jurisdiction over foreign investment in US entities in two ways. The CFIUS can now review non-controlling foreign investments in US businesses if those businesses are involved in certain critical technologies or critical infrastructure, or have access to the personal data of US nationals. Before the rule change, the Committee only reviewed transactions in which the foreign entity sought a controlling interest in a US company. Second, CFIUS now has jurisdiction to review certain real estate transactions, including undeveloped land, which were previously exempt from review as "greenfield" investments. The rules expand coverage by tying it to location: properties located near airports, ports, military installations and other government facilities are now subject to CFIUS review.

Procurement Methods and Competition

The competitive landscape and growth strategies for contractors has been shaped by a variety of reforms in procurement procedures, small business requirements, and subcontracting and teaming.

Tension between public procurement and commerciality

The US government has been rethinking its own acquisition strategy with the goal of expanding the marketplace to more non-traditional government contractors offering innovative commercial products and services and better leveraging the buying power of the federal enterprise. At the same time, conventional public procurement policy considerations act as cross currents slowing change.

Category management and shift to government-wide MAS IDIQ contracts

The US government has been steadily implementing "category management," which continues to change the contracting landscape and strategic approaches in the federal marketplace. The government has determined that approximately 60% of all contract spending (approximately USD325 billion in fiscal year (FY) 2018) is spent on ten categories of common products and services. Category management is the procurement practice of buying common goods and services as an enterprise in order to eliminate redundancies, increase efficiency, and deliver more value and savings. To implement category management, the Office of Management and Budget (OMB) has requested agencies to establish plans to shift "unaligned spending" in ten categories of products of services to "best-in-class" (BIC) contracts. BIC contracts are government-wide, pre-vetted contract solutions that are structured as multiple award, indefinite delivery, indefinite quantity contracts and increase transactional data available for government-wide analysis of buying behavior. Agencies are in the process of migrating their spending up to a "spending under management" maturity model with the goal of using BIC contracts for the ten common spend categories.

Category management creates opportunities and advantages for established US contractors and imposes new barriers to entry for contractors seeking to enter the market. BIC contracts have been established for every common spend category (a list is available at General Service's Administration's (GSA) Acquisition Gateway website). Examples include GSA's Federal Supply Schedules (FSS), NASA SEWP, GSA OASIS, GSA Alliant, and NITAAC CIO SP3. Solicitations under these contracts are issued to contract holders; companies that do not have these vehicles cannot compete as prime contractors and instead must participate as subcontractors. Thus, category management favours established contractors who hold these contracts and requires newcomers to invest time and resources to obtain them through competition or strategic transactions. The shift to category management is also reducing the number of procurements subject to bid protest review, as GAO may hear a task or delivery order protest only if the value of the order exceeds USD10 million for civilian agencies and USD25 million for defence agencies.

GSA schedule consolidation

For decades, the largest government-wide multiple award schedule contracts have been the US GSA's FSS, 24 of which are administered by GSA with another dozen or so health-related schedules administered by the Department of Veterans Affairs (VA). GSA is in the midst of an effort to consolidate its 24 schedule contracts into a single schedule contract featuring 12 categories, 83 subcategories, and approximately 300 special item numbers (SINs), a move that is expected to increase efficiency and value for both buyers and sellers. In January 2020, GSA began issuing a mass modification to current schedule contractors to update current contracts to conform to the terms and conditions of the consolidated Multiple Award Schedule (MAS) vehicle. In July 2020, GSA will begin the process of working with companies holding multiple FSS contracts to determine the best option for consolidation. Later in 2020, GSA expects to make a decision about its transactional data reporting (TDR) pilot programme, which was established in 2016 for a handful of schedule contracts as a possible replacement of the burdensome commercial sales practices disclosure and price reductions clause requirements. GSA is considering extending TDR to all SINs on the consolidated schedule.

Limits on use of "lowest price, technically acceptable" method

In response to budget cuts in the early 2010s, some federal agencies increased use of a procurement method known as lowest price, technically acceptable (LPTA). LPTA places a premium on low-cost products and services and is considered easier to administer than more judgement-based "best value" procurements that require tradeoffs but allow agencies to select a higher cost solution when there are reasons for doing so. Agencies drew criticism and Congressional action when they began using LPTA for procurement when paying more for technical advantages or better past performance could benefit the government. The Department of Defense's (DoD) acquisition regulations have been revised, and the Federal Acquisition Regulation (FAR) is soon to follow with a pending rule on the cusp of publication. The reforms will impose mandatory criteria that must be satisfied before an agency may use LPTA and require a written justification for its use. They also prohibit the use of LPTA for specific procurements, such as personal protective equipment, information technology, cybersecurity, systems engineering and technical services, among others. The forms should favour companies providing innovative products and services that offer value despite a higher price.

E-commerce platform for COTS

The US government is developing e-commerce marketplaces run by private companies designed for the purchase of commercial-off-the-shelf (COTS) products under the simplified acquisition threshold (currently USD250,000). The project is entering a pilot phase and appears to be at least a year away from implementation. If this programme is successful, any federal agency will be able to use these web-based marketplaces to order COTS products.

Several policy issues remain to be worked out.

  • Companies running the marketplace will be able to sell their own products, worrying some that they will have an unfair advantage on the marketplace.
  • The companies selected to run the marketplaces must properly secure the data it collects from users and ensure it is not used for a competitive advantage.
  • The marketplaces must also eliminate marketplace products sold by debarred companies and identify countries of origin for products so government customers can comply with the appropriate country of origin requirements when purchasing products.

The current e-commerce pilot will test how the marketplace works for purchases below the micro-purchase threshold (USD10,000). The test is expected to last at least through 2021.

"Other transactions agreements" for prototypes and research and development

In the past few years, Congress has determined that DoD needs improved access to the innovative technology of non-traditional government contractors in places like Silicon Valley who may be reluctant to deal with the regulatory burden and risk that comes with being a government contractor. Congress has expanded the authority and flexibility of DoD to enter into "other transactions agreements" (OTAs) for new research and development and new prototypes. OTAs are appealing because they are exempt from the FAR and feature a streamlined competitive procedure that has limited bid protest review. The prototype reforms include the authority to enter into sole-source contracts for mass production if the prototype demonstration is successful. The Defense Innovation Unit (DIU) has been very active in connecting DoD activities with R&D dollars with non-traditional government contractors under this authority. Commercial technology companies interested in expanding sales in the government marketplace might explore this as a point-of-entry.

Small business contracting and subcontracting

US federal procurement policy promotes the use of small businesses and other socio-economic preferences in both federal prime and subcontracting. The US Small Business Administration (SBA) is the primary rule-making authority for these programmes, and shares a portion of this role with the FAR Council. The federal government has a goal of directing 23% of prime contracting dollars to small and other SBA-preferred businesses. Large contractors are also required to establish and take efforts to meet subcontracting goals for small and SBA-preferred businesses. Small business contracts and subcontracts therefore represent a very substantial portion of the federal procurement market and the programme rules have significant implications for small and large businesses alike.

The SBA has issued several new important rules related to small business contracting over the past year including those listed below.

  • Effective 6 January 2020, small businesses in the services industries may now calculate their size by tallying average annual revenues over a five-year (vs a three-year) time period. This will allow growing small businesses to retain their "small" business status for a longer period of time.
  • SBA adopted new rules governing the Historically Underutilised Business Zone ("HUBZone") programme. The HUBZone programme allows small businesses which are based in and employ at least 35% of their workers living in depressed business zones to compete for federal contracts on a set-aside basis and to receive a price evaluation preference of 10% in open competitions. Among other things, the new rules allow a HUBZone qualified company to retain its status for a full year from the time of its annual certification even if the composition of its workforce changes.
  • In late 2019, SBA issued a proposed rule which would consolidate its Mentor-Protégé programmes under a single programme, adjust size re-certification requirements for small businesses on multiple award contracts, and make changes to the 8(a) Business Development programme, a programme focused on socially and economically disadvantaged businesses.

Enforcement in the SBA-preferred contracting space remained a high priority for the Department of Justice (DoJ) and oversight communities. For example, the SBA Office of Inspector General's November 2019 biannual report announced numerous criminal and civil fraud judgments or settlements in excess of USD1 million and substantial prison terms for individual offenders. Defendants included not only the putative small business concerns and their owners, but large business partners and, in one case, an insurance company which provided surety bonds as part of a scheme to defraud the 8(a) programme. The SBA contracting requirement permeate all aspects of procurement and continue to present opportunities and substantial risks for all participants in the federal procurement process.

Prime/subcontractor relationships

The US government is increasing its requirements for cybersecurity and supply chain assurance. The US government is also requiring prime contractors to ensure that their subcontractors comply with these regulations. In 2019, the Defense Contract Audit Agency (DCAA) conducted audits of contractors' policies and procedures for imposing the same cybersecurity and supply chain standards on subcontractors. This new scrutiny will impact prime/subcontractor relationships. For example, primes could favour large businesses with sophisticated cybersecurity and supply chain programmes. In connection with the Cybersecurity Maturity Model Certificiation (CMMC) programme, primes will likely include in their subcontracts representations as to a subcontractor's certified CMMC level, and indemnities to cover instances in which the subcontractor fails to possess the necessary CMMC level certification.

Bid protest developments

In 2019, bid protests at the US Government Accountability Office (GAO) as well as the US Court of Federal Claims and agency level continued to be an effective way for offerors to address concerns about the procurement process. At GAO, protesters continued to obtain some form of relief in a substantial number of protests – an "effectiveness rate" of 44% of the 2,200 protests closed in FY 2019. In the past five fiscal years (since FY 2014), GAO's annual effectiveness rate for protesters has hovered steadily between 44% and 47%. GAO's report states that the most prevalent reasons for sustaining protests remained the "usual suspects" in FY 2019: (i) unreasonable technical evaluation; (ii) inadequate documentation of the record; (iii) flawed selection decision; (iv) unequal treatment; and (v) unreasonable cost or price evaluation.

In 2019 there was a 16% reduction in the number of cases filed with GAO – from 2,607 cases in FY 2018 down to 2,198 cases in FY 2019. Possible causes for the reduction in protest filings may include: (i) the full implementation of GAO's electronic protest docketing system and USD350 filing fee, which may deter protests of smaller value awards; (ii) the 35-day partial government shutdown from December 2018-January 2019, which may have delayed awards of some contracts and task orders until the end of the fiscal year; and (iii) the transition to MAS contracts under category management, which exempts more procurements from GAO's review because of the monetary limits of its task and delivery order jurisdiction.

Emergence of artificial intelligence

The US government's use of artificial intelligence (AI) varies from agency to agency. One of the early adopters, for example, was the Security and Exchange Commission (SEC) who uses machine learning to help identify insider trading schemes. In an effort to introduce more conformity, the Office of Management and Budget (OMB) released a draft memorandum in January 2020 setting forth a set of principles to guide development of AI application. The draft memorandum contains ten principles. One of the memorandum's areas of focus is bolstering public confidence in AI by encouraging agencies to incorporate privacy issues, public participation, attention to biased AI outcomes, and transparency in their development AI solutions. 85 Fed. Reg. 1825. OMB's recognition of the importance of public confidence in AI is mirrored in the 2020 National Defense Authorization Act (NDAA), which requires the DoD to brief Congress on the use of explainable AI by the Department. The NDAA provision is aimed at giving warfighters a better understanding of AI's potential and limits, as well as confidence in the incorporation of human judgement into the use of this technology.

Compliance Requirements

Cybersecurity and CMMC

One area of increasing compliance requirements for US contractors is cybersecurity. New regulatory requirements have been imposed within the last few years and now DoD is rolling out a new cybersecurity certification requirement known as CMMC.

DoD has issued a contract clause at Defense Federal Acquisition Regulation Supplement (DFARS) 252.204-7012 that requires compliance with National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171. This DFARS clause requires contractors that possess contractor defence information to comply with 110 separate security controls in SP 800-171 ranging from password security to physical access. Most significantly is the requirement for each organisation to develop and submit a system security plan to DoD. In addition to compliance with security controls and the provision of a system security plan, the DFARS clause also required that contractors to report cybersecurity incidents to DoD within 72 hours of discovery; co-operate with any DoD investigation regarding such incidents; and flow down the clause to lower-tiered subcontractors.

With the exception of the system security plan, DoD expects contractors to self-certify compliance with cybersecurity requirements. That is changing with the introduction of CMMC. Under CMMC, contractors will need third-party assessors to certify a contractor to a certain level of compliance. Level 1 contains the most basic security controls while level 5 is the most stringent and level 3 is similar to current requirements under SP 800-171. Even though CMMC requirements will continue to develop throughout 2020 and 2021, DoD has made clear there will be no exceptions for small businesses, business that do not handle covered defence information, or contractors that solely sell commercial products and services. While only a few contracts will initially be impacted, DoD expects CMMC to be required to perform every DoD contract in the next five years.

Contractors not doing business with DoD must comply with much less stringent government-wide requirements embodied in FAR 52.204-21. This clause requires contractors engage in basic cybersecurity hygiene; much of which they are likely doing. Even so, contractors may be subject to agency-specific clauses that are much more stringent and could mirror, or even exceed, the requirements placed on DoD contractors. Further, it is widely expected that a forthcoming FAR clause will tighten requirements considerably. It remains to be seen if non-DoD contractors will be required to comply with a CMMC-like requirement.

US supply chain reforms

New legislation and regulations have tightened supply chain requirements for government contractors.

Regulations banning the sale of Kaspersky products and services: in late 2019, regulations were issued that prohibited the US government from purchasing products or services from Kaspersky Lab (or other related entities). Further, contractors were prohibited from utilising Kaspersky products or services in the development of products or services sold to the US government. Kaspersky's lawsuit challenging this ban was unsuccessful.

Regulations limiting the sale of certain Chinese telecommunications products and services: in 2019 and 2020, the US government has enacted (and will enact further) regulations limiting contractors' ability to sell certain products and services from identified Chinese companies, including Huawei Technologies Company, ZTE Corporation, Hytera Communications Corporation, Hangzhou Hikvision Digital Technology Company or Dahua Technology Company to the US government. The ban covers the types of products and services these companies typically provide. The initial regulations, enacted in 2019, concerned the provision of these goods or services (or if the goods or services are incorporated), but further regulations are expected to prohibit contractor possession of these goods and services whether or not they are provided to the US government.

Contractors are also now required to disclose, on at least an annual basis, whether they have used any of the identified products/services in performance of a government contract. While Huawei has filed a lawsuit challenging the statute and regulations, it was initially unsuccessful (though they have an opportunity to appeal).

Under the SECURE Technology Act, Congress established a Federal Acquisition Security Council (FASC). The FASC will identify and recommend which supply chain standards, guidelines and best practices should be addressed by NIST; identify executive agencies to provide shared acquisition services to support "supply chain risk management activities"; and develop criteria for sharing information among executive and non-executive federal agencies, and non-federal agencies "with respect to supply chain risk." The FASC will create standards for excluding companies or products that pose an unreasonable supply chain risk, an action that can be appealed by contractors in federal court.

Buy American and other domestic preference requirements

The current administration has placed an emphasis on supporting the US manufacturing base by promoting the enforcement and expansion of domestic preference and domestic sourcing requirements. The Buy American Act requires federal agencies to provide a price evaluation preference, typically between six and 12%, to domestically produced items over items imported from countries not subject to a trade agreement with the United States. In July 2019, the White House issued an Executive Order directing the FAR Council – the primary federal procurement rule-writing component of the federal government – to issue revised Buy American regulations which would increase the price evaluation preference for domestic items. The FAR Council has yet to issue any proposed revise rules, but it is likely that they will in the first half of 2020. This Executive Order, and the contemplated FAR Council rule-making, are the latest in a series of Executive Orders and directives. This theme of domestic preference also encompasses other issues addressed by this article, including supply-chain management and cybersecurity.

Enforcement Risks

The federal government has numerous tools at its disposal to combat procurement fraud, including the False Claims Acts (FCA) (civil and criminal) and the Suspension and Debarment process. The government continued to make considerable use of these tools in the past year, and while the volume or reported matters may have plateaued, the government's use of these related but distinct programmes continues to be more nuanced and involved. The government also announced a major new enforcement initiative to identify and prosecute collusion and other antitrust violations in public procurement at the federal, state, and local levels.

The Civil False Claims Act

The Civil FCA is an anti-fraud statute dating back to the US Civil War era. Its key features include statutory penalties per claim (which can include individual contract invoices), trebled damages for the full amount of each claim, and a whistleblower component (qui tam) that allows individual whistleblowers to bring and maintain actions in the name of the government and to share in any recovery.

In 2019, the federal government announced recoveries of more than USD3 billion under the FCA, a threshold it has cleared each year of the past decade. While the substantial majority of recoveries have come in the healthcare field, the FCA remains a potent threat for federal contractors. The government has used the FCA in a variety of contexts, including some that portend areas of heightened concern for contractors.

There were other significant case law developments in the context of the FCA that exceed the bounds of this article, but it is clear the FCA remains a primary anti-fraud law and its contours continue to evolve.

Suspension and debarment

The federal government has a policy of working only with contractors it deems to be "responsible," meaning not only that they have the financial and technical capacity to perform but that they have the business integrity and ethics needed to be a reliable partner. Companies and individuals who engage in criminal or fraudulent activity or otherwise demonstrate a lack of business integrity and ethics may be suspended or debarred from federal work.

It is important to note that the suspension and debarment process is separate and distinct from enforcement actions including FCA enforcement. Decisions regarding suspension and debarment are carried out by agency suspension and debarment officials (SDOs). While the considerations SDO's apply overlap considerably with those applied by the DOJ in criminal and FCA proceedings, the SDO's end objective is to determine whether a contractor (or an individual) is "presently" responsible. Importantly, the SDO's process and decision-making generally takes place on a separate track from any enforcement proceeding, although certain enforcement actions (ie, indictment or conviction) will trigger an automatic suspension or debarment.

In the past year the number of suspension and debarment actions remained fairly constant and has plateaued for several years after a substantial run-up which began in 2009. Over the course of that time suspension and debarment activity has become more ubiquitous across agencies (prior to 2009 some agencies had no suspension and debarment programme). In addition, the use of the threat of suspension or debarment to force contractors to enter probationary agreements and adopt more forceful ethics and compliance programmes has increased. This trend continued in 2019 and shows no sign of abating.

New initiative: Procurement Collusion Strike Force

On 5 November 2019, DoJ announced the formation of the Procurement Collusion Strike Force. The Strike Force will focus on investigating and prosecuting antitrust crimes that undermine competition in government procurement and grant and programme funding at the federal, state, and local levels. The Strike Force is an interagency partnership between DoJ's Antitrust Division, 13 US Attorneys across the United States, the Federal Bureau of Investigation, and Inspectors General from DoD, GSA, and other partner agencies. The formation of the Strike Force comes on the heels of a major bid-rigging settlement in 2018 involving guilty pleas from five South Korean petroleum and refinery companies who admitted to working together to suppress and eliminate competition in fuel supply contracts with the US government over an 11-year period.

The Strike Force will be investigating allegations of bid rigging, price fixing, and market allocation in public procurement across the United States. DoJ has identified specific market dynamics that are ripe for collusion, including markets dominated by a small group of major sellers, markets for products that are standardised or offer few substitutes, markets where purchases are repetitive and regularly schedule and where procurements are rushed in response to emergencies, and markets where employees frequently shift from one competitor to another. One area that may be the subject of heightened scrutiny at the federal level is the formation of teaming agreements, subcontracting relationships, and joint ventures. The consequences of antitrust violations can be severe, including civil liability, criminal penalties, and suspension and debarment from public contracting.

Originally published by Chambers 2020 Practice Guide on Public Procurement

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.