While comprehensive, end-to-end supply chain management is a moving target for all businesses, government contractors are subject to scrutiny, regulation and penalties for non-compliance unique to the federal government marketplace. To help prime and subcontractors monitor and secure their supply chains and keep their competitive edge, we’re exploring the many pieces that make up the complex supply chain puzzle for government contractors in a series. If you haven’t already, read part one here for a look at the Contractor Purchasing System Review, recently released counterfeit parts rules and country of origin restrictions.
In this installment, we’ll explore ethical considerations for government contractors, including the Federal Acquisition Register (FAR) “Contractor Code of Business Ethics and Conduct” clause, and discuss risk management for prime and subcontractor relations, the Combatting Trafficking in Persons (CTIP) FAR clause and the False Claims Act (FCA).
What does FAR 52.203-13 require?
Contracts for a value expected to exceed $5.5 million and with a performance period of 120 days or more must contain FAR 52.203-13, the “Contractor Code of Business Ethics and Conduct” clause, which requires the prime contractor to:
I. Have a written code of conduct made available to employees;
II. Exercise due diligence to prevent and detect criminal conduct;
III. Promote an organizational culture that encourages ethical conduct and compliance;
IV. Include a business ethics awareness and compliance program and an internal control system, unless the contract is for commercial items or with a small business.
V. Disclose in a timely manner credible evidence of certain wrongdoing in connection with their government contracts and subcontracts (specifically, violations of federal criminal law involving fraud, conflict of interest, bribery or gratuities or violations of the civil False Claims Act); and
The duty of a contractor to disclose credible evidence of wrongdoing committed by its subcontractors applies regardless of whether FAR 52.201-13 is included in the contract (FAR 3.1003), and could result in suspension and/or debarment for failure to disclose (FAR see 9.406-2(b)(1)(vi) and 9.407-2(a)(8)). This clause, along with several other FAR provisions, specifically require contractors to report or disclose bribery and corruption, or evidence of significant overpayments on the prime contract. A contractor must also report possible violations of the Anti-Kickback Act when they have reasonable grounds to believe a violation may have occurred.
What other business ethics considerations could impact my supply chain?
The Contractor Code of Business Ethics and Conduct clause also requires that prime contractors ensure business ethics awareness and compliance program commitments include training for agents and subcontractors as appropriate. Per FAR 52.203-13(d), the clause also states the prime contractor must flow down the entire clause into subcontracts that meet the size and duration thresholds that trigger its applicability to prime contracts.
Given the consequences, a prime contractor should obtain information about the subcontractor past performance and its compliance program before entering into a contract and negotiate clauses that require certifications, notification and ongoing access to information, such as a right to audit relevant books and records. During contract performance, prime contractors should review and monitor a subcontractor’s business ethics and conduct.
What does the Combating Trafficking in Persons clause require, and how can I manage risk?
Contractors and subcontractors must comply with federal legislation and regulations issued to combat trafficking in persons (CTIP), FAR 22.17 and FAR 52.222-50. The CTIP FAR clause is a mandatory flow-down clause for all covered contracts.
The CTIP rules addresses trafficking in persons in three ways. First it prohibits a range of activities, applicable to all government contracts and subcontracts, including commercially available off-the-shelf (COTS) items. Prohibited activities include, among others:
I. Engaging in severe forms of trafficking in persons, including using force or the threat of force in hiring, during the period of performance of a contract;
II. Procuring commercial sex acts during contract performance;
III. Using forced labor in the performance of a government contract; and
IV. A range of other practices related to trafficking in persons in recruiting, hiring and employing for both domestic and overseas contract performance, such as destroying, concealing, confiscating or otherwise denying access to the employee’s identity or immigration documents or denying payment for return transportation.
Second, CTIP rules create an expanded reporting and enforcement mechanism. Duties applicable to all contractors include:
I. Creating an awareness program to inform employees about the prohibitions and potential punishments for violation of the policy;
II. Notifying the U.S. government when they receive “credible information” that a contractor employee, subcontractor, subcontractor employee or their agent has violated the CTIP regulations;
III. Providing “full cooperation” with government CTIP investigations and audits, which includes commitments to:
a. Disclose credible information of any alleged violations of the CTIP regulations,
b. Provide timely and complete responses to auditors’ and investigators’ requests for documents,
c. Provide reasonable access to facilities and staff to facilitate federal audits and investigations,
d. Protect employees suspected of being victims of trafficking or witnesses, and
e. Refrain from hindering or preventing employees from cooperating with U.S. government authorities.
Third, the CTIP rules impose a broad set of risk management requirements for overseas contracts and subcontracts (except COTS) where the estimated value of the supplies to be acquired or services required to be performed outside the U.S. exceeds $500,000. These requirements include:
I. A compliance plan for prevention, monitoring and detection of trafficking in persons, which must be appropriate for the size and complexity of the contract; the nature and scope of the activities to be performed under the contract, including the number of non-U.S. citizens expected to be employed; and the risk that the contract or subcontract will involve services or supplies susceptible to trafficking;
II. Due diligence to determine potential violations in the supply chain; and
III. Certifications of no violations in the supply chain.
Contractors should ensure the minimum commitments required under the CTIP are flowed down to all subcontracts and contracts with agents, except the risk management requirements, which apply only to non-COTS, overseas subcontracts for which the overseas portion exceeds $500,000.
Additional best practices to manage risk under CTIP rules include:
I. Conduct due diligence and investigate whether subcontractors have engaged in prohibited practices before certifying compliance to the government;
II. During contract performance, engage in risk assessment and due diligence of subcontractors;
III. Carefully analyze CTIP and related rules for protecting employee victims and witnesses in trafficking investigations;
IV. Ensure that subcontractors are knowledgeable about prohibitions and commitments and monitor their own supply chains for compliance; and
V. Implement effective training, monitoring, auditing and reporting systems to carry out CTIP prohibitions and commitments.
How can I guard against False Claims Act exposure?
In its June 2016 decision, Universal Health Services, Inc. v. United States ex rel. Escobar, the Supreme Court upheld the “implied false certification” theory of liability under the FCA, which sets out both to mitigate the risk for government fraud and to penalize those who commit such fraud. The theory treats a government payment request as an “implied certification of compliance” with pertinent statutes, regulations or contract requirements material to conditions of payment, as explained in the Court’s opinion. The decision rejects the position supported by some industry groups, holding that the theory can provide a basis of liability in some circumstances, and implements a rigorous materiality standard for determining liability in those cases.
There are several potential risk scenarios for government contractors, including payment of a claim or reimbursement of a prime contractor based on false claims initially submitted or false statements or compliance certifications initially made by a subcontractor. For example, for certain contracts, a prime contractor’s proposal or invoices may relay or repeat a subcontractor’s statements, representations or certifications. Although a supplier submitting false information to the prime contractor or higher-tier subcontractor may be liable under the FCA, the prime contractor may also be exposed under the FCA for the subcontractor’s conduct.
Some prime contractors are beginning to require suppliers and subcontractors to indemnify them for liability that could arise under the FCA due to false claims or statements made by the supplier or subcontractor. As a best practice, prime contractors should exercise and update existing due diligence processes and internal controls, according to this new interpretation of liability to mitigate the risk for certifying false statements, even if unknowingly. They might also consider taking other steps to ensure that any such reliance on claims or statements made by the supplier or subcontractor is reasonable under the circumstances.
Stay tuned for the final part in this series, where we’ll examine export controls, anti-boycott measures and risks contractors face with regard to the Foreign Corrupt Practices Act.
Julia Bailey is a managing director and may be reached at email@example.com.
Warren Averett is an independent member of the BDO Alliance USA. This article was borrowed with permission from BDO USA, LLP