Facilities management contracts sound like mundane things. But they’re expensive, and they require no less oversight than any other type of contract. But the National Security Agency didn’t do a stellar job of managing a $400 million contract for facilities and logistics. For the lessons learned, NSA Inspector General Robert Storch talked to Federal Drive with Tom Temin.
Insight by Menlo Security: Learn about the Justice Department's initiatives and strategies around cybersecurity in this free webinar.
Tom Temin: Mr. Storch, good to have you back.
Robert Storch: It’s great to be on Tom.
Tom Temin: Tell us what this contract was for, what it did and what it was all about.
Robert Storch: Sure. So this audit looked at the NSA’s award and administration of, as you say, a contract for over $400 million for installation and logistics services for NSA, to be performed over a five-year period of performance, starting with FY 2016 and going through FY 2020. And basically, the contract involve both installation and logistics services. So things like routine and minor maintenance, warehousing, storage, mail, transportation services, and then later – and this ended up being the basis for finding the agency added without competing it – property services involving things like inventorying and tracking – that was another $35 million.
Tom Temin: And I have to ask now that it’s all over, and the reports coming out now, is it too late to fix anything?
Robert Storch: Well, we think it’s really important to look at it. First of all, I should say this is an unclassified version of a previously issued classified report. As you may recall from prior visits that I’ve been fortunate to have on your show, since I’ve come on board here at the NSA we’ve been doing unclassified versions of our semi-annual reports, working on a seventh one right now. And then that also – this is our fifth unclassified version of a report or summary of a report of the underlying reports, questioning a total of over $1 billion in those reports. So we think it’s important from that point of view, from a time point of view, a lot of the work on this was done prior to the pandemic. And then we released the classified version of the report last year, and then prepared the unclassified version which we released more recently. Perhaps more importantly, though, we think it’s really important to do this sort of oversight, because, as I hope we’ll get a chance to talk about we identified a number of significant gaps and deficiencies in the agency’s processes, both for awarding these sort of contracts and in this case – I didn’t mention it before but this was a sole source section 8(a) contract. And the [Small Business Administration’s] 8(a) program that was awarded to an Alaska Native Corporation. We found significant problems with the way in which that contracting action was handled. So our recommendations are largely forward-looking to get the agency to fix its processes. So these sorts of problems don’t happen again.
Tom Temin: Yes, and it looks like this one had almost an original sin in the way it was awarded in the first place. Because he said it’s possible they didn’t follow the rules for single source and for the 8(a) program and a lot of other things. And Alaska Native – so tell us about the origination issues?
Robert Storch: Sure, absolutely. It’s a great question. So actually, you have to go back a little bit history. This contract, the requirement was initially identified back in 2007. And there was a contract awarded, a five-year contract for FY 2008-2012, to do this work at NSA. And then as that contract was coming to an end, the NSA contracted for a bridge contract for a period of three years, the purpose for which was to enable the agency to be able to prepare to compete the contract going forward. But we find in the report that they did not execute the actions in a timely manner that would be necessary to compete the contract. So effectively, they had a scramble at the end of that period, just literally with weeks to go, to go back to SBA. In order to do another 8(a). They initially were going to go back to the same company, but that company was no longer eligible. And so they awarded it to a sister company, which supported the same tribe. There’s a lot of information related to that in terms of the fact that it was a sister company, and they supported the same tribe that was not communicated to the SBA. But eventually, they end up awarding the sole source to this sister company for another five years. And one of the things that troubled us about this was that there were not provisions in place to ensure that there was timely communication with the SBA so that SBA could make an informed decision and also, that they didn’t adequately justify using a sole source in this, particularly given that the whole purpose of the bridge had been to compete it. So there were a whole host of problems we found related to all of this, and we made recommendations to help them to address though.
Tom Temin: We’re speaking with NSA Inspector General Robert Storch. And the other interesting thing is before we get to the possibly wrongfully done add on to it, worth $35 million, is that toward the end of the report, you state that was never a full performance evaluation done in the five years to see if this wrongly awarded thing was even a high quality program, at least for the agency.
Robert Storch: Yeah, absolutely. And that’s one of the things that also troubled us significantly is that when we looked at the administration of the contract, we found that they did not have sort of a guidance in place to effectively administer the contract. And then that they had not, as you say, done and documented a full performance evaluation. There’d been sort of a partial one that didn’t have all the metrics that was not fully documented, but they didn’t really have the procedures in place to ensure that they’re doing those sort of robust evaluations that everyone knows are really critical. And when you’re evaluating performance of a contractor, particularly on a contract of this size.
Tom Temin: And then looking at it did you get the sense that the agency was at least satisfied with the performance even if they couldn’t quantify or document it?
Robert Storch: I wouldn’t get into characterizing the agency’s reaction to the contractor. I mean, the fact is that they had one contractor here for the eight year period, and then went with a sister company that supported the same tribe for the next five years. So as you had mentioned earlier, they chose to add in there what we’ve used as beyond-the-scope modification to give additional work to that same contractor in terms of $35 million, and inventorying and tracking, were property services that we found should have been separately competed.
Tom Temin: So they compound that the error of the wrong possible award, and the lack of oversight with additions to it that might not have been proper?
Robert Storch: We found that those additional services should not have been added on to the sole source contract under something called the cardinal change doctrine that there were new labor categories that were raised. There were a substantial number of new employees that had to be hired and trained, new processes had to be developed to do those properties services that were different in kind and in scale from what was done under the initial contract, and we believe should have been separately competed from that contract. We also were troubled that during the course of the process on the initial contract, the contracting folks who had to sign off, raised a number of questions related to the justifications that were established, as did the Office of General Counsel, but there weren’t procedures in place to ensure that actions were actually taken in response to those comments. So one of the recommendations we make, which we think is a particularly important recommendation is that they ensure that they have appropriate procedures for when the agency itself spots issues that it makes sure those are addressed in a timely fashion, which did not happen here.
Tom Temin: I was gonna say where are the whistleblowers when you need them? Or did you have one in this case?
Want to stay up to date with the latest federal news and information from all your devices? Download the revamped Federal News Network app
Robert Storch: Well, we don’t identify whistleblowers but I will say we are passionate about whistleblowers in the IG community and certainly here at NSA, as I think we’ve discussed in other conversations, that’s something that has been a real area of emphasis for me personally, is as the IG here. I think whistleblowers perform a critical service to government agencies and to the public when they come forward with information, and we encourage them very much to do so.
Tom Temin: And the other thing about this is that it sounds like the way they conducted this solicitation and the procurement and the add on, since there weren’t a bunch of competing vendors, there was no protest mechanism to kind of maybe bring some of the flaws to light, which often happens.
Robert Storch: Yeah, that’s a great point. I mean, we found basically, that during the bridge period, they took some initial actions, we found a list of some potential companies in terms of market research, but very little done, actually to do the normal sort of work that you would do to identify companies. And in fact, they went with a process called the alpha process, which was not documented in DoD or NSA policies, or in the [Federal Acquisition Regulations] that basically contemplates, as we understand it, sort of a more collaborative sort of relationship between the contractor and the agency to work out what the requirements for the contract would be. And when that is used out in the broader community, – again, it’s our understanding because it’s not documented here or wasn’t – but our understanding is that that’s used in situations where you’re going to sole source, because obviously, you wouldn’t be able to do that if you were properly talking to lots of different competitors. And so they use this alpha process. And that was one of the pieces of evidence we found that showed along with internal emails and interviews that they had intended to do this as a sole source from pretty early on in the process. And as you say, that has implications both before and after the contract award.
Tom Temin: Alpha process sounds like, “preparation X” or something, you could haved called it anything. And you did give them quite a long list of recommendations. And from what I was able to read, the agency mostly agreed with you maybe a little sheepishly.
Robert Storch: Yeah, so the the agency ultimately agreed there were a couple where they didn’t agree right at the time we issued the report. But shortly thereafter, I mentioned we do our semi-annual reports to Congress and we actually have a write up on much shorter write up of this in our last annual report, the public version of that that’s on our website if folks are interested. And by the time of that the agency had agreed to take actions that once completed would be sufficient to meet the intent of all our recommendations.
Tom Temin: Got it. Robert Storch is the inspector general of the National Security Agency. As always, Thanks so much.
Robert Storch: It’s my pleasure, Tom, good to talk with you.