One of the first registrations any business will complete is the FEIN – we need that number for every other registration.
In order to participate in federal government contracts, you must register in SAM which requires a corresponding D&B or DUNS registration.
Registrations at the state level include incorporation or name registration. Keep in mind that most states require you to register when you do business or have a location in that state. So, your HQ may be in one state, but have offices or employees in other states. Many states also require separate or specific registrations or licenses based on the type of work you perform or products you manufacture.
In addition to licensing, there are a variety of state tax registrations including income, withholding, unemployment, sales, and other special items.
The most common items at the local (county or municipal) level are business licenses and occupancy permits (for buildings). Again, there may be additional local registrations based on the type of product or service that you sell. Many cities and counties also have income and withholding taxes for both the employer and employee. Without a physical location, you may be required to register if you perform work in that area.
Certs & Reps can range from 1 page to 30 pages. I’ve seen the full-spectrum. Smaller acquisitions usually only have a few items, larger acquisitions have a lot. Know what is required based on the contract type and size, and product or service offered. Know if you are compliant and what you are signing. Some certs and reps are annual, some are with every acquisition. While completing certs and reps in SAM is required, agencies, offices, and primes are not required to use or rely on those certs. If you deal with a large number of customers, you are likely completing certs and reps on a daily or weekly basis.
It is important to know that the only true “government” contracts governed by the FAR are between the government and prime. All subcontracts are commercial contracts governed by the UCC. In reality, subcontracts are hybrid contracts in that they are commercial contracts with FAR/DFARS references and flow-downs.
The major agencies have their own supplemental FAR. While the same or similar, there can be differences, especially with Defense and DFARS.
Often, there are agency or prime-specific forms and guidelines (even their own interpretations of the FAR or supplements).
Six Business Systems Rule only applies if you are CAS-covered. HOWEVER, many primes are incorporating the same or similar language in their own T&C. Be sure you read all of the prime and government clauses incorporated by reference or included in a separate supplier or quality manual.
You will typically see questions about the review and approval status of your systems as part of certs and reps or other intake documents. This info is used in making a determination of a responsible bidder. Some of it is also used in determining the type or size of contract to award. For example, you cannot receive progress payments (which are always based on cost) if you do not have an approved system.
This is your cost collection system – every company will have this. You may not be required to be CAS compliant, however, these are good guidelines when designing your system, policies, and procedures.
If you have or get an approved system, get the letter from your CO and use that with all customers.
NCMA offers a 2-part Webinar on Demand about the CPSR. This is particularly important if you are subcontracting versus only purchasing supplies and services. Yes, there is a distinction, though that will not necessarily exempt you from a CPSR. If you are subcontracting, more likely to get on the radar sooner. If only purchasing supplies and OH/G&A services, less likely to garner attention. Still may get data request as part of 3-year rotating review.
CAS 401 states that Cost Collection and Cost Estimating systems must match. In other words, you must estimate costs in the same manner (type and level of detail) as you collect and invoice costs.
If you purchase, receive, repair, manage, or maintain government property, you must have some kind of system. Again, you may go unnoticed for some period of time – especially if the transactions are low-dollar and/or infrequent.
Once on the radar, get the approval letter from DCMA and use that with all of your customers to avoid individual audits or reviews.
If you are a manufacturer, this is part of your accounting system – how do you track, plan, procure, and cost material? Think about standard cost vs actual cost. Some companies use a variation of standard cost or hybrid approach.
Earned value comes into play with design/development project-type work where you report % complete with comparisons to actual dollars, actual hours, budgeted dollars, and budgeted hours. Provides accurate forecasts of project performance problems.
Includes: Project plan A valuation of planned work Pre-defined earning rules
Quality is somewhat left to the contractor, though the buyer can require source inspection or other reviews and audits. Having an ISO or CMMI certification can mitigate the number of individual customer reviews or audits.
Facility security is a world of its own if you are dealing with any classified info.
Cyber security is the newest and biggest threat. I’ve written a white paper on cyber security which you can download from my website.
Disaster recovery is often a clause in subcontracts from primes. They want to know that you have a plan in place to mitigate certain risks. There are formal guidelines and some of the big dogs put a lot of pressure on formalized plans, especially if you want to be a preferred supplier.
Audits and reviews, while similar in approach, vary greatly in scope and detail. A review may cover only a specific contract or portion of a contract and may require submission of limited data for someone to do a high-level evaluation.
Audits are more formal, more detailed, and result in a written report with findings.
Some audits or reviews are performed remotely or may be referred to as “desk audits.” You submit information via email, have a phone call, and may never see the auditor face-to-face.
Internal audits are more informal, though can have a huge impact on the outcome of your external audits. Regularly performing internal audits can improve your external audits by finding and resolving issues sooner. It also shows the auditors that you are committed to doing the right thing.
I’ll bet that most people are more scared of an IRS audit than a W/C, DCAA, or DCMA audit. Interesting fact from 2014!
In the world of W/C, every business is audited or reviewed every year. You must submit payroll information as part of your policy renewal and rate determination.
As I said earlier, if you are a government contractor, you will get to know your local DCAA and DCMA auditors. Over time, they will perform a number of reviews and audits of your organization.
Selling to the U.S. Government
Selling to the U.S. Government
Steps for Success