One reason the Defense Department’s use of other transaction agreements has become controversial in recent years is the military’s widespread use of third-party consortiums to help manage the acquisition process. Compared to more traditional procurements, few aspects of the government’s solicitation and award are visible to the public, making consortium-based OTAs something of a black box to researchers, journalists and outside watchdogs.
But a new audit by the DoD inspector general indicates that not even the Pentagon itself has a clear understanding of the billions of dollars it spends each year via OTAs, partly because of policy weaknesses, and partly because of technical shortcomings in the government’s central procurement database.
The difficulties in tracking the transactions were part of a wide range of problems the IG found in a new examination of consortium-based OTA spending, including inadequate controls over sensitive information DoD releases to consortium members.
Insight by GitLab: During this webinar executives from the State Department, U.S. Securities and Exchange Commission, U.S. Patent and Trademark Office and GitLab will discuss how institutionalizing a DevSecOps approach to software development is a journey that must bring together the technology and business sides to change an organization’s culture.
“With the Congress giving the department more authority to use this type of contracting vehicle, we were seeing an uptick in the use of OTAs,” Theresa Hull, the OIG’s lead auditor for acquisition issues said in an interview for Federal News Network’s On DoD. “OTAs awarded through consortiums present a much higher risk than some of the others because of the lack of visibility that the government has on a lot of information. So this, to us, was ripe for additional oversight.”
Part of the of visibility problem comes down to a shortcoming in the Federal Procurement Data System (FPDS), which was never designed to handle the way DoD interacts with consortiums, and still hasn’t been updated even after government spending through those consortiums has ballooned into tens of billions of dollars per year.
In many instances, government procurers have come to favor the consortium approach because it gives them access to a wide range of traditional and nontraditional vendors with expertise in a particular technology area — some of whom aren’t especially comfortable with doing business directly with the government.
So, instead of going through a traditional solicitation process, the government can ask for white papers to solve a particular technology problem with the consortium serving as an intermediary, and make streamlined awards for individual projects.
But in those instances, the contractual relationship — as far as FPDS is concerned — is between the government and the consortium, not the company performing the work. Consequently, official spending records only reflect the large, initial award to the consortium. Data on the actual tasks being done by consortium members is stored on individual spreadsheets, scattered across contracting offices around the country.
“There isn’t really a clear picture to know if services are duplicating efforts, and it really creates a blind spot for DoD,” Hull said. “They’re unable to determine the specific projects that contracting personnel are awarding under these consortiums, how much the government’s spending on a particular project or area, and even more important: Who’s performing that work? It’s really just the base award information that is visible to DoD right now, not those individual project awards that are made to the consortium members once that base agreement is in place.”
For its audit, the OIG looked at a sample of those base awards. According to FPDS, they were made to 13 different recipients – all consortiums – valued at $24.6 billion. But when auditors examined those non-public spreadsheets and agreement files, they found they were actually 718 different agreements with a value of $8.7 billion.
Although that sort of project-level data doesn’t exist in any central government database, some outside groups have attempted to track the dollar value of DoD’s spending through consortiums.
Bloomberg Government, for example, built its own database based on the award information some consortiums post on their own websites, and estimated DoD obligated $8.2 billion in 2020 — up from $3.4 billion the year before. But BGOV analysts said out of the 28 consortiums they examined, only 13 published enough data to determine the actual award recipients and amounts.
And apart from visibility issues over individual transactions, the OIG found DoD isn’t doing nearly enough to vet consortium members or maintain oversight over what types of information is released to them.
Those tasks are typically left up to the third-party consortium management organizations (CMOs), and the audit found numerous instances of security oversight weaknesses, Hull said.
“Just to highlight one, we identified solicitations and bid data that were subject to certain restrictions, such as U.S. contractors only. And there are certain DoD directives that require certain forms and vetting to qualify as a U.S. contractor in order to obtain access to restricted data and bid information,” she said. “But DoD is relying on CMOs to ensure that those security requirements are in place before providing the information to the consortium members.”
That doesn’t always happen. The audit found two instances in which un-vetted foreign contractors not only had access to U.S.-only information, but received awards. According to the OIG, that’s partly because DoD’s OTA guidance doesn’t address the need for vendors to register themselves in the System for Award Management, the government’s central database of contractors. Because of that, it’s conceivable that contractors who’ve been suspended or debarred could be getting OT awards too.
And Hull said DoD’s lack of oversight presents another security concern: The combined intelligence value of all of the information those un-vetted companies could assemble by virtue of their membership in a consortium.
“Each project is reviewed individually, but the consortium gets hundreds of projects within a specific technical area. And those consortium members are receiving all solicitation and supplementary guidance for each of them,” she said. “So the aggregate of that information can often provide a clear picture into the government’s interests with regard to military critical technologies, for example. And since DoD is relying on the CMOs to vet consortium members, there’s no true way for DoD to know what consortium members are even receiving the data.”
Want to stay up to date with the latest federal news and information from all your devices? Download the revamped Federal News Network app
Another issue is bid protests. Hull said there is still no legal consensus as to whether OTA awards are protestable at all, and if so, in what venues and at which stages. But at a minimum, DoD could include standard language in its OTAs that makes clear when it will and won’t entertain an agency-level protest.
“The guidance is not clear, and in our report, we highlighted some examples that demonstrated this confusion,” she said. “We made a recommendation for DoD to determine whether it will require the inclusion of that basic protest language in OTA solicitations and to establish processes or best practices to address protests. Our intent was to help clarify the protest process, and to ensure that the process is fair regarding scrutiny of awards, while not limiting the flexibility allowed through the use of the OTAs.”
In all, the OIG made 13 recommendations to fix DoD’s approach to OTAs via consortiums, and John Tegnalia, the department’s principal director for pricing and contracting has agreed to fully-implement 12 of them; he partially concurred with the remaining one.
That’s the good news, Hull said: all of the problems the audit found are fixable with additional oversight, training and policy formulation on the government side, and the findings are not an indictment of consortiums per se.
“The intent of OTs is to allow flexibility, but DoD needs consistent procedures for awarding and tracking them for more accurate reporting. That data-rich information is important for leadership to be able to make the appropriate decisions on policy and guidance to know what these OTAs are being used for,” she said. “Implementing these additional controls for how to award and how to report the OTs is not going to impact the flexibilities for the use of OTs as they were intended.”