February 17, 2014

The Sneaky Pitfalls of Reps and Certs

Reps and Certs simultaneously document compliance with dozens of regulatory requirements and several public laws including: CAS (cert requirement); Debarment (checking that "is not" box is the first part of the two part debarment documentation requirement); Anti-Lobbying Act; and Small Business status (exempting small sub from both small business subcontracting plan and CAS compliance).

The good part about Reps and Certs is they are a one-tab-stop for regulatory compliance. The bad part is failure to obtain valid (fully completed and effective as of the date of subcontract award) Reps and Certs will lead to several significant CPSR findings, including CAS; SBSP; Anti-Lobbying Act, Debarment; File Documentation; and Training. You may also get a finding of failure of your internal audit program to find the missing documents [remember internal audit is required by DFARS 252.244-7001(c)(18)]. You can also be found for not complying with requirements for Other Than SB Documentation (no cert that the sub is small and DCMA reviews the file as if they are large) and lack of compliance with Affirmative Action and Previous Contract Compliance certs (at $10K).

With that may potential findings, Reps and Certs are REALLY important! Here are some tips regarding Reps and Certs (R&C) compliance:

1. Centralized storage: While centralized storage of R&C may seem like a time and space saver, it does technically run counter to the DCMA mantra "The file should tell the story of the procurement." This may seem a trifling issue, but remember that DCMA is not required to review any procurement documentation not included in the file. As a result it's important that files with values at or exceeding $30K include R&C to avoid public law findings.

2. ORCA (via vs. Contractor R&C: Contractor R&C are preferred for two main reasons. First, because ORCA is a cert to the government, subs are under no obligation to report changes in their status (debarment, size, etc.) upon occurrence to the prime. Second, during small business audits, SBA and DCMA require a SIGNED cert of SB status if those subs are reported in ISRs and SSRs. Getting your version of R&C signed is definitely in your company's best interest.

That being said, DCMA does accept ORCA as meeting the R&C requirement. However, if your company is using ORCA and you are a large business know that there is one significant compliance hole left open during your next SBA audit. There are two general ways to address this issue and still use ORCA: (1) incorporate ORCA by reference into your R&C which your sub then executes; or (2) provide SB subs with a one page checklist for their size status disclosure and signature. 

If you use ORCA, make sure you "open all the links" (size status for all applicable NAICS codes are "hidden" in the small business link, etc.) and print out a copy that includes the date of download. If DCMA cannot see required info, or cannot verify that the reps were downloaded and reviewed prior to award, then findings will likely result.

3. Check the checkboxes: Make sure the subs check all the boxes! If a sub misses a box, and that box aligns with a public law requirement (debarment is the usual suspect here), then even if the Reps and Certs are executed public law findings could still be available.

4. Watch out for lapsed R&C in ID/IQ files. If there is a release under an aged ID/IQ subcontract in your data call, DCMA can and will request that ID/IQ file as part of their review. So make sure the ID/IQ file includes R&C that cover the entire ID/IQ POP prior to DCMA review. If there is a timeline hole (e.g. OY1 R&C expire and new R&C aren't obtained until OY3) findings could apply to DCMA's review of that file.