Q2 2022
Budget and Procurement Trends to Watch ALSO INSIDE:
10
12
CLEAN AUDIT CIDC CREED OPINIONS Professional Services Council PLEDGE
24
ME&A ASSISTS USAID
28
FEDERAL BUSINESS SCORECARD Service Contractor / 2022 / 1
UNANET
Dedicated to a thriving GovCon industry. With nearly $2B in commitments, our support for the financial needs of government contracting firms dates back decades.
Give us a call at 703.871.1361 to connect with a specialist. AtlanticUnionBank.com
THE SWITCH IS ON!
Q2 2022
10 CLEAN AUDIT OPINIONS
6
12 Navigating the Gap
Implementing Federal Software Security Requirements 4 President’s Letter 9 Backdoor Blacklisting 15 Bill Tracker
CIDC CREED PLEDGE
25 The Value of Intellectual
Property 28 Federal Business Scorecard
24 ME & A ASSISTS USAID
Cover illustration: shutterstock.com/tulpahn
Service Contractor
is a publication of the Professional Services Council 4401 Wilson Blvd., Suite 1110 Arlington, VA 22203 Phone: 703-875-8059 Fax: 703-875-8922 Web: www.pscouncil.org All Rights Reserved For advertising or to submit articles or items for the Member News section, contact: Pheniece Jones jones@pscouncil.org
P S C S TA F F David J. Berteau President & CEO berteau@pscouncil.org Stephanie Kostro Executive Vice President, Policy kostro@pscouncil.org David Broome Executive Vice President, Government Relations broome@pscouncil.org Cate Benedetti Vice President, Government Relations benedetti@pscouncil.org
Professional Services Council
Joe Carden, CAE Senior Vice President, Marketing & Membership carden@pscouncil.org Paul Foldi Vice President, International Development foldi@pscouncil.org Melissa R. Phillips, CMP Director, Operations phillips@pscouncil.org Robert Piening, CPA, CGMA Vice President, Accounting & Finance piening@pscouncil.org
Matthew Busby Director, Membership busby@pscouncil.org Michelle Jobse Director, Vision Forecast jobse@pscouncil.org Cassie Katz Director, Marketing katz@pscouncil.org Andrea Ostrander Vice President, Events ostrander@pscouncil.org Pheniece Jones Director, Media Relations jones@pscouncil.org
Jean Tarascio Director, Events tarascio@pscouncil.org Donald Baumgart Manager, Vision Forecast baumgart@pscouncil.org Karen Holmes Office Manager holmes@pscouncil.org Christian Larsen Senior Associate, Public Policy larsen@pscouncil.org Sebastian Herrick Senior Associate, Public Policy herrick@pscouncil.org
James Millar Associate, Research millar@pscouncil.org Natalia Gray Associate, Events gray@pscouncil.org Laila Hammonds Associate, Membership lhammonds@pscouncil.org Daniel Boddie Associate, Digital Marketing boddie@pscouncil.org
Service Contractor / 2022 / 3
PRESIDENT ’S LETTER
W
elcome to summer, 2022! Each year at this time, we see at PSC two competing dynamics. First, there are events that are part of the annual cycle of budgets and contracts. Then, there are the new initiatives and priorities that come from Congress and the administration, either to shape the future or to respond to current conditions. This summer, we seem to have an abundance of work on both fronts. As we do every year, PSC is closely tracking legislation, particularly the National Defense Authorization Act (NDAA) for funding priorities and policy changes that will affect national defense and security programs. The House Armed Services Committee’s version of the FY23 NDAA included a number of key provisions (note that the Senate marked up its version of the FY23 NDAA but at press time has yet to release details or language). You can read more in our regular Bill Tracker feature. The more immediate concern for government contractors, though, is how the NDAA will help them address the cost growth from inflation and the tight labor market that they’re experiencing today. An inflation rate of 8.6% means increasing costs for labor, components and materials, and transportation have rapidly outpaced the assumptions built into existing contracts and into FY22 agency appropriations (which assumed roughly 2 percent for inflation). PSC has urged the Administration to take action now to help companies address their higher workforce costs. One straightforward action would be to issue government-wide guidance to programs and contracting officers that, subject to available funds, encourages them to work with contractors to reimburse them for unexpected higher costs. PSC members can check out the online Inflation Resource Center with both civilian and DoD-related inflation guidance and information, including the March 2022 GSA guidance and the May 2022 DoD memo. The Center also includes PSC actions and additional information and can be found on the PSC website and clicking on the “Resource Center” tab. Beyond the NDAA and the impacts of inflation, PSC’s government relations team continues to track legislation related
4 / Service Contractor / 2022
to workforce, cybersecurity, and annual appropriations. The PSC Bill Tracker (pg. 17) also includes the status of these and other key bills on the Hill. In this issue you’ll also find articles on cyber, budgets, workforce, and more, including: • how industry meets the security challenges of federallyprocured software (pg. 6), • new procurement rules on labor law violations (pg. 9) • the benefits of clean audits (pg. 10), • the Coalition for Racial & Ethnic Equity in Development (CREED) Pledge (pg. 12), and • the value of intellectual property (pg. 27). In June, PSC held our annual Acquisition Conference, with speakers engaged with our attendees both virtually and in-person on issues ranging from speed of contract award and governmentindustry collaboration to the impact of the Great Resignation and emerging cyber security rules. We used this conference to roll out the latest PSC Business Forecast Scorecard, in which we rate 62 federal agencies and components, letting them know how well their posted forecasts fare against 15 criteria. Visit www.pscouncil.org and search Business Forecast Scorecard to see the results and the supporting comments from the government itself. Finally, we look ahead to the remaining key PSC events this year: Defense in October, International Development in November, and the Vision Federal Forecast Conference in December. Each conference planning committee worked to create engaging agendas and facilitate valuable networking both in-person and virtual while following the proper COVID-19 safety precautions. I look forward to seeing you there. As always, I welcome your input, your feedback, and your engagement in our efforts.
David J. Berteau, President and CEO
Professional Services Council
Navigating the Gap: Implementing Federal Software Security Requirements Now by Victor Foulk, Director, Cybersecurity Leader, Emerging Technologies Practice, CGI
T
he time to begin integrating secure software development and acquisition requirements into the Federal portfolio is now. This is based on the most recent statement on “Enhancing The Security of Federally Procured Software,” issued by the Office of Management and Budget (OMB) on March 7, 2022. OMB’s statement is driven by the requirements of Executive Order (EO) 14028, Improving the Nation’s Cybersecurity, and directs Federal agencies to begin adopting the National Institute of Standards and Technology (NIST) guidance on secure software development and software supply chain security immediately, tailoring it to the agency’s risk profile and mission. To meet mission requirements, Federal agencies depend on the security and integrity of vendor-supplied third-party software. Hardening our software supply chains and integrating secure software development practices is truly a national security imperative, one that the current state of geopolitical unrest and critical infrastructure attacks underscores. This worsening threat landscape, coupled with large-scale breaches of trust in software integrity—like the SolarWinds Orion compromise discovered in 2020—have set the stage for arguably the most influential series of cybersecurity–related directives in US history. The problem facing Federal acquisition professionals today is that many of the requirements themselves are still taking shape and some of the underlying technologies for compliance attestation are still maturing. Furthermore, the commensurate update recommendations to the Federal Acquisition Requirements are not due until May 2022. As such, agencies have to navigate the regulatory environment with a “more to follow” approach to software supply chain risk management. One that evolves efficiently over time. One that leverages collaborative engagement with their vendor base and establishes a roadmap for enhancing acquisition policies over time. One that strikes a balance between the vendor capabilities and the agency’s own technological maturity and risk tolerance. We have never been closer to real change that demonstrably increases the baseline level of cybersecurity across Government, and these software security measures are a critical part. Waiting for clarity in future directives delays essential, incremental improvements in security and leaves current risks unaddressed. Following the proactive approach laid out in the rest of this article, leaning into the regulatory intent early, delivers improved security and awareness now and enables an easier transition over time with lower long-term cost. 6 / Service Contractor / 2022
Revisit Software Asset Management: Being good in cybersecurity requires being great at the fundamentals; software supply chain security is no different. The intersection of cybersecurity and acquisition is asset management, and network defense depends on knowing what is on the network. Conduct an introspective assessment of existing acquisition policy, asset management practices, and inventory of assets. Having a comprehensive inventory is fundamental in building out a supply chain risk management program capable of measuring and understanding overall risk posture (e.g., vendor financial viability; foreign ownership, control and influence, etc.). The software asset management assessment is also a great opportunity to do some focused application rationalization, stripping out redundancies and culling low-utilization applications. Reducing the number and diversity of applications in the environment not only reduces the asset management and regulatory compliance burden, it reduces the attack surface.
Defining Critical Software
Per EO 14028, “critical software” is defined as any software that has, or has direct software dependencies upon, one or more components with at least one of these attributes: • Is designed to run with elevated privileges; • Has direct or privileged access to networking or computing resources; • Is designed to control access to data or operational technology; • Performs a function critical to trust; or • Operates outside of normal trust boundaries with privileged access. NIST refined this definition for preliminary use in an October 2021 white paper, to help agencies scope the initial implementation of these requirements.
Using the software inventory, identify which applications meet the definition of critical software, and prioritize them based upon an assessment of risk a vulnerability in each would present to agency mission. In a strictly compliance-driven sense, only critical software is at play for the current generation of requirements. Agencies should, however, strongly consider the full continuum Professional Services Council
shutterstock.com/Blue Planet Studio
of software assets and apply the requirements on a graded scale to even non-critical software. Let Log4j be a lesson here. The Apache Log4j vulnerability (dubbed Log4Shell) is just one recent example that highlights the importance of increasing our understanding of, and baseline level of security in, all of our software supply chains. Log4j is a ubiquitous piece of open source software that provides logging functionality in an immense number of products and services. Federal agencies and industry alike struggled to find and remediate the vulnerability due to its pervasiveness. The current requirements for secure software development and supply chain security could have mitigated much of this through the implementation of a software bill of materials (SBOM), discussed later. Establish a familiarity with the technical details within the Secure Software Development Framework (SSDF), and look internally to benchmarks for “acceptable proof ”, consistent with agency expectations and risk tolerance. Before engaging the vendor base, and before establishing agency-specific acquisition policy, a consistent internal understanding of the baseline requirements is essential. At a high level, the requirements are intended to ensure secure software development practices, as described in Section 4e, subsections (i), (iii), and (iv), of the EO. These are: (i) secure software development environments, including such actions as: (A) using administratively separate build environments; continued pg. 8 (B) auditing trust relationships;
Professional Services Council
(C) establishing multi-factor, risk-based authentication and conditional access across the enterprise; (D) documenting and minimizing dependencies on enterprise products that are part of the environments used to develop, build, and edit software; (E) employing encryption for data; and (F) monitoring operations and alerts and responding to attempted and actual cyber incidents; (iii) employing automated tools, or comparable processes, to maintain trusted source code supply chains, thereby ensuring the integrity of the code; (iv) employing automated tools, or comparable processes, that check for known and potential vulnerabilities and remediate them, which shall operate regularly, or at a minimum prior to product, version, or update release The fast track to identifying what expectations of vendors are suitable for the agency, as well as tailoring expectations to agency mission and risk tolerance, is through benchmarking against the agency’s own network authorization documentation. The level of veracity with which an agency can document and attest to similar requirements in their environment will help to level-set expectations. Admittedly, there is the potential that an agency’s own technological maturity in these areas is weak or still evolving, in which case retaining support from a trusted technical consultant is advisable. Such a consultant can provide the necessary technical expertise for near-term implementation of the requirements, training personnel as required, and helping the agency to define a viable and affordable path to maturity with the underlying security technologies. continued pg. 8 Service Contractor / 2022 / 7
from pg. 7
Engage the software providers within the agency ecosystem, and understand their actual level of technological maturity with respect to the secure software development requirements. Meet them where they are, with a plan to evolve. The consolidated software asset inventory, prioritized by criticality and risk, should guide the engagement strategy with the vendor base. A structured data call or survey is the least-effort approach, but the results will fall short of truly informative. Ideally, the software acquisition team actively engages in a conversation with vendor subject matter experts to discuss, and seek an understanding of, the software development practices at play. A vendor engagement should cover security practices from the EO, as discussed above, but also the vendor’s vulnerability disclosure program(s) and ability to generate effective SBOMs covering the whole of their supply chain, including open source software dependencies. This will serve to establish a high-level baseline understanding of the vendor’s conformance. It can also help shape the agency’s policy timeline, taking into account what the vendor ecosystem can provide now, and their plans of action and milestones to reach the next level of compliance over time. This information is key to building the agency’s roadmap for realistic policy evolution, driving feasible in partnership with the vendor base.
The Open Source Challenge
Much of the world’s software leverages open source codes and libraries. For open source materials that an agency uses directly, thoughtful consideration must be given to how the agency itself will attest to security. Many open source projects lack the resources to meet compliance objectives quickly. Ultimately, resources from the agency, a third-party contractor, or other source may be required to appropriately secure the open source supply chain. There is an obvious inconsistency in the guidance that agencies will have to grapple with. The OMB guidance issued on March 7 requires agencies to begin implementing the SSDF and related practices in software procurement immediately. However, it stops short of requiring agencies to invoke formal attestation requirements due to the ongoing development of standards for what constitutes suitable artifacts. It is ill advised, however, to wait for those updates before engaging with, and requesting supporting data from, the vendor base. Agencies are on the hook for risk acceptance now. Even though NIST is hosting a public workshop on behalf of OMB to drive industry engagement on artifacts and attestation, achieving a consistent standard that can apply to all agencies is still likely far off. Thus, the forward leaning approach to implementation is a logical one, and cultivating a strong, communicative relationship with the vendor ecosystem is a proven best practice. Update agency contract requirements for software acquisition using a graded approach, applying the strongest attestation requirements feasible for the current maturity level. A consolidated software asset inventory, prioritized by criticality and risk, coupled with the benchmarking achieved
8 / Service Contractor / 2022
NIST Guidance on Procurement
In February 2022, NIST provided guidance to acquisition and procurement officials regarding an appropriate conformance statement. Such statements should include: • Software producer’s name • A description of which product or products the statement refers to • A statement attesting that the software producer follows secure development practices • Name and title of who can provide the artifacts generated by the secure software development activities related to EO 14028 Sections 4e(i), 4e(iii), and 4e(iv). through vendor engagement, will provide the agency valuable insight into the security of the software supply chain. Further, a clearer picture emerges of what expectations an agency’s vendor ecosystem can meet without triggering explosive costs. At this stage, agency-specific policy changes can provide realistic improvements in software supply chain security now, balanced with the agency’s risk tolerance and the vendor ecosystem’s maturity. This includes a roadmap for adaptation over time to increase compliance and attestation requirements as the regulatory frameworks evolve. While work continues at the Federal level to define what artifacts are appropriate for secure software development attestation, agencies should begin with the basics, documented by the vendor via self-attestation. The bar, for now, should be set appropriately low, understanding that industry is adapting to these new requirements along with the Federal Government. That minimum bar, however, should include a narrative vendor attestation that they do, or do not, meet the requirements as laid out in the NIST guidelines, and if not, when they expect to. Furthermore, agencies should require: • Details on the vendor’s vulnerability disclosure program. • Detailed expectations on vulnerability reporting. • SBOMs to the highest level of fidelity the vendor can provide under current technical maturity. Each of these elements should be considered foundational, and are essential to improving an agency’s risk posture. Agencies can incorporate additional fidelity, with artifacts attesting to secure software development processes, into their acquisition requirements as the standards continue to evolve.
Next Steps on Our Journey
We, Government as well as the national industrial base, have a lot of hard work in front of us as we strive to elevate the baseline level of cybersecurity across all Federal sectors. Together, we can achieve the vision set forth in the most influential series of cybersecurity–related directives in US history. For more discussion on this topic, or to discuss how to apply these principles toward evolving your software supply chain security program, feel free to reach out to me. 3
Professional Services Council
Backdoor Blacklisting?
New USDA Proposal Attempts to Resurrect Repealed Executive Order on Labor Law Violations by Cate Benedetti, Vice President, Government Affairs, PSC
S
ince the issuance of the “Fair Pay and Safe Workplaces” Executive Order in 2014 (EO 13673), PSC has worked with our member companies and like-minded industry partners to highlight its flaws, repeal the requirements it on imposed on contractors, and limit efforts to re-impose similar requirements. In short, EO 13673, and the accompanying guidance, sought to establish new labor reporting and compliance requirements for determining that a contractor is a responsible source to receive contract awards from the federal government. While these goals are well intended, the devil was in the details. And in this case, the details would have denied contractors due process rights; established a duplicative and costly compliance and reporting regime; and offered no material benefit to the government in return. The courts halted implementation before the final regulations from the FAR Council and Department of Labor could take effect and the advocacy from PSC and others in industry culminated in the passage of a Congressional Review Act (CRA) resolution of disapproval. The CRA is a tool that allows Congress to pass legislation disapproving a rule issued by a federal agency, using expedited procedures and only a Congressional majority. Its passage prevents the rule from taking or remaining in effect. Of note, the CRA also prohibits re-issuing the disapproved rule in “substantially the same form” or issuing a new rule “that is substantially the same” unless authorized to do so by a subsequent law. Given this history, many were surprised to see near-identical language from Fair Pay and Safe Workplaces repackaged in newly proposed regulations issued by the Department of Agriculture in the Federal Register in February of this year. The proposed rule, issued on February 17, 2022, would require contractors to certify, under penalty of the False Claims Act, that they are in compliance with an undefined group of state and federal labor laws; to list of all previous state and federal labor law violations for the prime, their subs and suppliers, and potentially parent companies or subsidiaries; attest that they, and their supply chains, have complied with any remedial measures ordered; and do so on a regular basis over the life of the contract. PSC’s comments were direct: we stated in part that “this proposed rule as drafted is unlikely to improve compliance or outcomes and is simply an unworkable, costly, and potentially illegal burden on the government’s contracting partners with no justification or foreseeable benefits to the government.” We continued that, “Both the Legislative and Judicial Branches of the U.S. Government opposed, and took actions to Professional Services Council
halt implementation of, a previous Executive Branch proposal that was substantially and substantively the same as this current proposed rule; this renewed USDA effort is a direct challenge to those actions. Thus, this proposed rule is not simply an administrative update. We are disappointed and concerned that it is being treated as such.” In addition to the CRA challenge, PSC raised a number of concerns on the substance of the regulation, the lack of any justification and cost estimates, and the manner in which the Department was issuing this rule—essentially tucking it into a larger administrative package rather than following the procedures used for a rulemaking of this importance. Then on June 21, 2022, the Administration issued the “Spring Unified Regulatory Agenda,” which lays out the Administration’s regulatory objectives for each federal agency for the year. In it, USDA stated its intent to re-propose this rule in December 2022, without providing additional details on their reasoning or purpose. This update may be encouraging. PSC requested the Department withdraw the labor law proposal in its entirely, we are hopeful that will be the Department’s decision. But the reissuance may signal that USDA will continue to move forward with a similar but revamped regulation and again attempt to implement a new blacklisting mandate on the contractor community in December. One of PSC’s top priorities has been to demonstrate the value of contractors and ensure fairness and due process for the contractor community. While the USDA is a small agency—its percentage of the total federal budget in fiscal year 2021 was 3.45 percent—it is important that contractors working with every federal agency are treated fairly and that each agency is transparent and following proper procedures. It is also important to highlight that if USDA is successful in this challenge to the CRA, it is likely that other federal agencies could soon follow suit. In fact, similar regulatory efforts are said to be in the works for at least three other agencies. If USDA is allowed to move forward, we could see a domino effect across the federal government of new, burdensome and costly compliance requirements in this area. Accordingly, as we monitor this re-proposal, we are looking for feedback from our member companies to help with this effort. For more information, you can read out comments at www.pscouncil.org and reach out to policy@PSCouncil.org with your thoughts and comments. 3
Service Contractor / 2022 / 9
Clean Audit Opinions:
The Bar Has Been Raised for the DoD
by Rick Pauly, Director of Business Growth and Adriana “Obi” Obogeanu, Director of Financial Systems Integration, Significance, Inc.
T
he Department of Defense (DoD) receives hundreds of billions of dollars annually and has more than $2.2 trillion in assets. Due to the size and complexity, it’s not surprising that the DoD is the only federal agency that has not yet received a clean audit opinion by an Independent Public Accounting (IPA) firm.
The Marine Corps is Leading the Way In fiscal year 2010, the United States Marine Corps (USMC) was the first service to undergo an audit by an IPA. Since then, the remaining military branches have followed suit. However, a clean audit opinion has continued to elude all branches of service to date. Currently, the USMC is engaged in a massive Force Design effort to reorient itself in its focus, organization, equipping, posture, and employment concept for the type of challenge presented by near-peer adversaries. Part of this effort is its recent transition to a new financial management system, the Defense Agencies Initiative (DAI). Transferring all end-to-end business processes into DAI will improve financial, property, asset, and personnel accountability and increase efficiencies and the timeliness of support to the warfighter down range. The transition to DAI will support the Marine Corps’ clean audit efforts and serve as a precedent for the other branches who have the same objectives.
Benefits of a Clean Audit Opinion: 1. Financial Transparency and Accountability. Taxpayers will gain confidence that the dollars entrusted to the Department of Defense are being used responsibly, effectively, and efficiently. This would provide credibility that the DoD is committed to getting the most bang for their buck and doing so in a way that is reported accurately on the annual Agency Financial Report. 2. Credibility with Congress. Similarly, a clean audit provides credibility with Congress. As the DoD‘s “Board of Directors”, Congress is growing weary of its inability to pass an audit. In fact, Senators Chuck Grassley and Bernie Sanders co-sponsored a bill to reduce the Pentagon’s budget every year the Department 10 / Service Contractor / 2022
fails an audit. A clean audit leads to credibility that funds are spent appropriately and within Congressional intent. 3. Compliance with statutory mandates. Achieving a clean audit opinion would prove that DoD is in compliance with applicable laws, rules, regulations, and Generally Accepted Accounting Principles (GAAP). This also indicates that key stakeholders involved in the lifecycle of financial transactions are properly trained and educated on all requirements regarding appropriated funds, fiscal law, and policy. 4. Business Process and System Improvements. Clean audits drive standardization, simplification, and agility. Approximately 14 years ago, the Department of Defense 4th Professional Services Council
Estate agencies (26 agencies and field activities) set out to create a new accounting system to help address a long-standing issue of not receiving clean audit opinions. The time and money associated with revising financial reports to obtain a clean audit were creating enough problems to warrant a complete overhaul and consolidation of all the agencies’ different accounting systems. This new system and its rollout to other agencies was named the Defense Agencies Initiative (DAI). During the last 14 years, as DAI rolled out across these agencies, all of them made strides towards standardized system and business processes and financial reporting, which brought them closer to receiving clean audit opinions. This caught the eye of other agencies, including the Marine Corps. In 2021, the USMC made the bold decision to sunset their legacy accounting system, the Standard Accounting, Budgeting and Reporting System (SABRS), and transition to DAI to accelerate their goal of achieving their first clean audit opinion.
6. Accountability. Audits drive better accountability. Maximum operational readiness is best achieved when strong accountability measures are being utilized. A clean audit opinion would demonstrate that the Defense Department has accountability of all assets, including warships, aircraft, tanks, real property, missiles, weapons, equipment, etc. Accurate inventory is an operational concern. As an example, an October 2019 article on military.com reported that Navy leadership acknowledged that the Navy audit uncovered $126M in aircraft parts they didn’t know existed. Not only did they not know the parts existed, but they didn’t know the warehouse where the parts were stored existed. As the military branches identify these issues and correct them, asset accountability coupled with financial accountability, will allow for better planning, programming, and budgeting for Future Year Defense Program (FYDP) dollars. Moreover, accuracy leads to operational agility that best positions the military to defend America’s position as a global power.
A Five-Year Strategy
shutterstock.com/Talaj
A clean audit opinion would demonstrate that the Defense Department has accountability of all assets, including warships, aircraft, tanks, real property, missiles, weapons, equipment, etc.
5. Internal controls. Establishing strong internal controls across all systems and business processes will prevent fraud, waste, abuse, and mismanagement. Effective internal controls also increase the material readiness of Commanders, allowing them to apply resources to emergent requirements. In 2004, an Office of Management and Budget Circular (OMB Circular A-123 - Management’s Responsibility for Internal Control) was published to mandate government Chief Financial Officers, Chief Operations Officers, Chief Information Officers, and Program Managers to implement internal controls across all organizations to prevent inappropriate financial transactions and activities.
Professional Services Council
Michael McCord, the Chief Financial Officer for the Office of the Secretary of Defense (OSD), articulated his goals for financial management when he released his Financial Management 22-26 strategy. His five objectives were: 1. Cultivate a skilled and inspired FM workforce 2. Optimize taxpayer dollars for the highest value outcomes 3. Increase integrity of financial results 4. Simplify and optimize our end-to-end business environment 5. Empower data-driven, fiscally informed decision making It could be argued that OSD should work to transition all the military branches to a single accounting system to get after these stated goals, especially goals three through five. DAI may be that solution since it has helped other Defense agencies achieve a clean audit opinion. Over 25 Defense organizations operate on DAI, with the USMC joining this past November, and Navy Special Warfare Command preparing to ‘go-live’ in DAI in October of this year. One accounting system across the DoD would definitely ‘simplify and optimize our end-to-end business environment.’ Financial efficiency and asset accountability in one accounting system is one of many tools that would serve as a force multiplier, ultimately improving our operational readiness and our ability to more effectively support the warfighter. 3 Rick Pauly, USMC Col (Ret.) had a distinguished 30-year career in the US Marine Corps, where he gained expertise in financial management with both the Department of the Navy and Department of Defense. He leads business development efforts at Significance. To learn more about and its capabilities, contact Rick at Richard.pauly@significanceinc.com or visit www.significanceinc.com. Adriana “Obi” Obogeanu, USMC CWO3 (Ret.), served in the US Marine Corps for 16-years, where she gained expertise in financial management, internal control evaluation, systems integration, regulatory compliance, program management, and business process reengineering. Service Contractor / 2022 / 11
CIDC Signs On as Ally to CREED Pledge
by Paul Foldi, Vice President, International Development, PSC
A
In April 2022, both USAID and the Department of State released Diversity Action Plans, as required under Executive Order 14035, Diversity, Equity, Inclusion, and Accessibility in the Federal Workforce. To learn more and engage with PSC’s CIDC, visit https:// www.pscouncil.org/psc/Councils/c/__p/cc/CID.aspx. The PSC Council of International Development Companies (CIDC) creates a dynamic, sustainable advocacy platform for U.S. development companies. The CIDC engages in thought leadership and high-level dialogue with various U.S. federal agencies and stakeholders involved in implementing U.S. foreign assistance programs through monthly committee meetings, an annual conference and other special events. In addition to advocating, educating and facilitating engagement on pressing international development issues, CIDC also informs and advocates on contracting, regulatory, legislative, business process and business development issues. 3
shutterstock.com/SeventyFour
s of June 1, 2022, PSC’s Council of International Development Companies (CIDC) is an official Ally of the Coalition for Racial & Ethnic Equity in Development (CREED) Pledge, which many individual CIDC members have signed. CREED brings together both contractor and NGO development implementers and demonstrates a commitment to addressing key issues related to diversity, equity, inclusion, and accessibility (DEIA). CIDC members have long recognized the importance that DEIA plays, not only in building their own staffs but also in ensuring that international development programs achieve long-lasting results. DEIA reinforces the value of locally-led development and highlights the positive impact that multiple voices and perspectives bring to U.S. foreign assistance. CIDC’s DEIA Working Group (headed by Indira Ahluwalia of Palladium, Shiro Gnanaselvam of Social Impact, and Bobby Jefferson of DAI) meets regularly to discuss best practices and latest developments, whether in companies or the federal customer.
12 / Service Contractor / 2022
Professional Services Council
Welcome New Q2 PSC Members!
For more information on PSC membership, contact membership@pscouncil.org.
Professional Services Council
Service Contractor / 2022 / 13
14 / Service Contractor / 2022
Professional Services Council
Bill Tracker: 117th Congress-First Session (2022) NEW
Newly introduced since last issue
Major action taken since last issue
Bill became law since last issue
H.R. 21
FedRAMP Authorization Act, Connolly (D-VA) SUMMARY Would codify the Federal Risk and Authorization Management Program within the General Services Administration and make certain changes designed to enable the government to better leverage cloud computing services. STATUS Passed the House (voice vote) on 1/5/21. Related bill: S. 3099. Congressional Budget Justification Transparency Act, Quigley (D-IL)
H.R. 22
SUMMARY Would require federal agencies and the Office of Management and Budget to make certain budget justification materials publicly available. STATUS Passed the House (412-2) on 1/5/21. Related bill: S.272.
H.R. 26
Construction Consensus Procurement Improvement Act, Comer (R-KY) SUMMARY Would prohibit the federal government from using reverse auctions for complex, specialized, or substantial design and construction services. STATUS
Signed into law on 7/26/21; P.L. 117-28.
Security Acquisition Professional Career Program Act, Titus (D-NV) H.R. 367 Homeland Would establish an acquisition professional career program to develop a cadre of acquisition SUMMARY
professionals in the Department of Homeland Security. STATUS Passed the House (voice vote) on 4/20/21. Reported by the Committee on Homeland Security and Governmental Affairs on 5/24/22
H.R. 408
Department of Homeland Security Mentor-Protege Program Act, McEachin (D-VA) SUMMARY Would codify the Mentor-Protégé Program of the Department of Homeland Security. STATUS Passed the House (voice vote) on 4/20/21. Ordered to be reported by the Committee on Homeland Security and Governmental Affairs on 7/14/21.
H.R. 916
Rebalance for an Effective Defense Uniform and Civilian Employees (REDUCE) Act, Calvert (R-CA) SUMMARY Would reduce the Department of Defense civilian workforce by 15% by Fiscal Year 2025. STATUS
H.R. 978
Referred to the House Committee on Armed Services on 2/8/21. Chai Suthammanont Remembrance Act, Connolly (D-VA)
SUMMARY Would require federal agencies to develop and disclose safety plans that contain certain information for on-site employees and contractors during the public health emergency relating to COVID-19. STATUS Ordered to be reported by the Committee on Oversight and Reform on 5/13/22. Related bill: S.2343.
H.R. 1251
Cyber Diplomacy Act, McCaul (R-TX) SUMMARY Would create a Bureau of International Cyberspace Policy at the Department of State, led by an ambassador with the same rank and status as an assistant secretary of state. STATUS Passed the House (voice vote) on 4/20/21.
H.R. 1319
American Rescue Plan Act, Yarmuth (D-KY) SUMMARY Provides supplemental appropriations to address the continued impact of COVID-19 on the economy, public health, state and local governments, individuals, and businesses. Among other provisions, the law includes $1 billion for the Technology Modernization Fund and an extension of CARES Act Section 3610. STATUS
Signed into law on 03/11/21; P.L. 117-2.
Professional Services Council
Service Contractor / 2022 / 15
Bill Tracker: 117th Congress-First Session (2022) NEW
Newly introduced since last issue
Major action taken since last issue
Bill became law since last issue
H.R. 1602
Eliminate Barriers to Innovation Act, McHenry (R-NC) SUMMARY Would establish the ‘SEC and CFTC Working Group on Digital Assets’ to analyze and report on the legal and regulatory framework in the United States for digital assets and make recommendations for improvement. STATUS
Passed the House (voice vote) on 4/20/21.
H.R. 1833
DHS Industrial Control Systems Capabilities Enhancement Act, Katko (R-NY) SUMMARY Would designate the Cybersecurity and Infrastructure Security Agency as responsible for maintaining capabilities to identify and mitigate cyber threats to industrial control systems. STATUS
Passed the House on 7/20/21. Text included in the FY22 National Defense Authorization Act (P.L. 117-81).
H.R. 2471
Consolidated Appropriations Act, Jefferies (D-NY) SUMMARY Provides funding for federal agencies for the remainder of FY22 and included new cybersecurity reporting requirements, Ukraine-related spending and the text of the Intelligence Authorization Act. STATUS Signed into law on 3/15/22, 117-103.
H.R. 2485
Access to Congressionally Mandated Reports Act, Quigley (D-IL) SUMMARY Would require the Government Publishing Office to establish and maintain a publicly available online portal containing copies of all congressionally mandated reports. STATUS Passed the House (voice vote) on 7/26/21. Related Bill: S.2838.
H.R. 2617
Performance Enhancement Reform Act, Connolly (D-VA) SUMMARY Would require agencies’ chief performance officers to now include the chief human capital officer, the chief information officer, the chief data officer, and the chief financial officer when preparing the annual performance plans. STATUS Passed the House (414-10) on 9/28/21. Ordered to be reported by the Senate Committee on Homeland Security and Governmental Affairs on 11/3/21.
H.R. 2685
Understanding Cybersecurity of Mobile Networks Act, Eshoo (D-CA) SUMMARY Would require the National Telecommunications and Information Administration to report to Congress on the cybersecurity of existing wireless networks (2G, 3G, and 4G) and vulnerabilities to cyberattacks and surveillance by adversaries. STATUS Ordered to be reported by the Committee on Energy and Commerce on 7/21/21. Passed the House (404-19) on 12/1/21.
H.R. 2915
Homeland Procurement Reform (HOPR) Act, Correa (D-CA) SUMMARY Would require the Secretary of the Department of Homeland Security to procure one-third of items for a frontline operational component from small businesses to the maximum extent possible. STATUS Passed the House (voice vote) on 11/16/21. Related bill: S.1009.
H.R. 3264
Domains Critical to Homeland Security Act, Katko (R-NY) SUMMARY Would require the Department of Homeland Security to undertake research and development to identify and evaluate the extent to which critical domain risks within the United States supply chain pose a substantial threat to homeland security. STATUS Passed the House (voice vote) on 7/20/21.
H.R. 3350
Small-business Procurement Utilization Reform (SPUR) Act, Neguse (D-CO) SUMMARY Would increase the governmentwide goal for the percentage of procurement contracts awarded to small business concerns. STATUS Referred to the House Committee on Small Business on 5/19/21. 16 / Service Contractor / 2022
Professional Services Council
Bill Tracker: 117th Congress-First Session (2022) NEW
Newly introduced since last issue
Major action taken since last issue
Bill became law since last issue
H.R. 3919
Secure Equipment Act, Scalise (R-LA) SUMMARY Would prohibit the Federal Communications Commission (FCC) from approving any authorization application for certain Chinese telecommunications equipment. STATUS Signed into law on 11/11/21; P.L. 117-55. Related bill: S.1790
H.R. 4042
Aviation Funding Stability Act, DeFazio (R-OR) SUMMARY Would exempt the Federal Aviation Administration (FAA) from federal shutdowns by giving the FAA access to non-appropriated funds. STATUS Ordered to be reported by the Committees on Transportation and Infrastructure on 10/27/21.
H.R. 4350
National Defense Authorization Act for Fiscal Year 2022, Smith (D-WA) SUMMARY Would authorize appropriations and policy for Fiscal Year 2022 for the Department of Defense. STATUS Passed the House on 9/23/21. Related bill: S.1605.
H.R. 4357
The DHS Reform Act, Thompson (D-MS) SUMMARY Would make reforms to the Department of Homeland Security mission and management, including making changes to the workforce and the department’s acquisition authorities. STATUS Referred to the Committees on Homeland Security; Judiciary; and Transportation and Infrastructure on 7/6/21.
H.R. 4363
DHS Contract Reporting Act, Harshbarger (R-TN) Would require daily public reporting by the Department of Homeland Security for contract awards over $4 million. STATUS Passed the House (voice vote) on 9/29/21. Reported by the Senate Committee on Homeland Security and Governmental Affairs on 6/9/22. SUMMARY
H.R. 4363
DHS Contract Reporting Act, Harshbarger (R-TN) Would require daily public reporting by the Department of Homeland Security for contract awards over $4 million. STATUS Passed the House (voice vote) on 9/29/21. Reported by the Senate Committee on Homeland Security and Governmental Affairs on 6/9/22. SUMMARY
H.R. 4445
Ending Forced Arbitration of Sexual Assault and Sexual Harassment Act, Bustos (D-IL) Prohibits the use of clauses in employment contracts that would require forced arbitration for victims of sexual assault and harassment. STATUS Signed into law on 3/3/22, P.L. 117-90. SUMMARY
H.R. 4521
America COMPETES Act, Johnson (D-TX) SUMMARY Would reform federal agencies policies and procedures with the intent of enhancing U.S. competitiveness with China. STATUS Passed the House by a 222-210 on 2/4/22. Related Bill: S.1260.
H.R. 4682
Unmanned Aerial Security (UAS) Act, Guest (R-MS) SUMMARY Would prohibit the Department of Homeland Security from operating, financing, or procuring unmanned aircraft systems that are manufactured in China. STATUS Passed the House (voice vote) on 9/29/21.
H.R. 5104
Just In Case Act, Wittman (R-VA) SUMMARY Would provide DoD with the authorities to pay certain contractor expenses during pandemics and other emergencies. STATUS Referred to the House Committee on Armed Services on 8/24/21. Professional Services Council
Service Contractor / 2022 / 17
Bill Tracker: 117th Congress-First Session (2022) NEW
Newly introduced since last issue
Major action taken since last issue
Bill became law since last issue
H.R. 5305
Extending Government Funding and Delivering Emergency Assistance Act, DeLauro (D-CT) SUMMARY Provides for a continuing resolution for federal agencies and provides disaster relief and supplemental appropriations for Afghanistan related accounts. STATUS Signed into law on 9/30/21; P.L. 117-43.
H.R. 5325
End Government Shutdowns Act, Balderson (R-OH) SUMMARY Would provide continuing appropriations to prevent a government shutdown if appropriations bills or a continuing resolution have not been enacted. The bill would reduce the appropriations by 1% after the first 120-day period and by an additional 1% for each subsequent 90-day period until appropriations legislation is enacted. STATUS Referred to the Committee on Appropriations on 9/22/21. Related bill: S.2760.
H.R. 5440
Cyber Incident Reporting for Critical Infrastructure Act, Clark (D-NY) SUMMARY Would establish the Cyber Incident Review Office in the Cybersecurity and Infrastructure Security Agency and require certain critical infrastructure owners and operators to report cyber incidents. STATUS Referred to the House Committee on Homeland Security on 9/30/21.
H.R. 5411
Governing Effectively, with Transparency, Integrity, and Timeliness, and Doing Our Necessary Expenditures Act (or the GET IT DONE Act), Johnson (R-SD) SUMMARY Would hold the salaries of certain government officials and prohibit travel if each of the regular appropriations bills for a fiscal year prior is not enacted into law by the beginning of the fiscal year. STATUS Referred to the Committees on Appropriations, Oversight and Reform, House Administration, Rules, and the Budget on 9/29/21.
H.R. 5415
Debt Ceiling Reform Act, Boyle (D-PA) SUMMARY Would authorize the Secretary of the Treasury to increase the public debt limit without Congressional action. STATUS Referred to the House Committee on Ways and Means on 9/29/21.
H.R. 5412
Intelligence Authorization Act for Fiscal Year 2022, Schiff (D-CA) SUMMARY Would authorize appropriations for the Intelligence Community’s programs for Fiscal Year 2022 and includes policy provisions that impact the Intelligence Community’s contractor workforce. STATUS Ordered to be reported by the House Permanent Select Committee on Intelligence on 9/29/21. Related bill: S. 2610.
H.R. 5495
Building Resilient Supply Chains Act, Malinowski (D-NJ) SUMMARY Would create a Supply Chain Resiliency and Crisis Response Office in the Department of Commerce and authorizes funding to develop, diversify, and expand supply chains and the domestic manufacturing of critical goods and services. STATUS Referred to the House Committee on Energy and Commerce on 10/5/21.
H.R. 5501
Ransom Disclosure Act, Ross (D-NC) SUMMARY Would require certain public and private entities to disclose ransom payments to the Department of Homeland Security within 48 hours and directs the department to make that information publicly available annually. STATUS Referred to the House Committee on Energy and Commerce on 10/5/21. Related Bill S. 2943.
H.R. 5658
DHS Roles and Responsibilities in Cyber Space Act, Bacon (R-NE) SUMMARY Would require the Secretary of Homeland Security to submit a report to Congress on the cybersecurity roles and responsibilities of the DHS components. STATUS Passed the House (313-105) on 5/16/22. 18 / Service Contractor / 2022
Professional Services Council
Bill Tracker: 117th Congress-First Session (2022) NEW
Newly introduced since last issue
Major action taken since last issue
Bill became law since last issue
H.R. 6256
To ensure that goods made with forced labor in the Xinjiang Uyghur Autonomous Region of the People’s Republic of China do not enter the United States market, and for other purposes., McGovern (D-MA) SUMMARY Would impose importation limits on goods produced using forced labor in China, especially the Xinjiang Uyghur Autonomous Region, and imposes sanctions related to such forced labor. STATUS Signed into law on 12/23/21; P.L. 117-78.
H.R. 6497
Federal Information Security Modernization Act, Maloney (D-NY) SUMMARY Would make changes to the government’s cybersecurity authorities, policies, and roles and responsibilities. STATUS Ordered to be reported by the Committee on Oversight and Reform on 2/2/22. Related bill: S.3600.
H.R. 6724
NEW Debt Ceiling Reform Act, Boyle (D-PA) SUMMARY Would allow for future debt ceiling increases unless Congress enacts a joint resolution of disapproval and lays out procedures for its consideration. STATUS Referred to the Committees on Ways and Means, and Rules on 2/15/22. Related bill: S. 3654.
H.R. 6861
Reducing Costs of DHS Acquisitions Act, Clay (R-GA) SUMMARY Would require program managers to report cost or performance breaches for major acquisition programs and provide plans for remedial actions. STATUS Ordered to be reported by the Committee on Homeland Security on 3/2/22.
H.R. 6871
DHS Acquisition Reform Act, LaTurner (R-KS) SUMMARY Would changes the acquisition-related roles and authorities of the undersecretary for management and other DHS officials. STATUS Passed the House (398-15) on 5/17/22.
H.R. 7164
CFO Vision Act, Maloney (D-NY) SUMMARY Would update the 1990 Chief Financial Officers Act to standardize the responsibilities for and authorities of agencies’ Chief Financial Officers and revise requirements for financial management planning. STATUS Referred to the House Committee on Oversight and Reform on 3/18/22.
NEW
H.R. 7299
NEW Strengthening VA Cybersecurity Act, Mrvan (D-IN) SUMMARY Would require an independent entity to conduct a cybersecurity assessment of the Department of Veterans Affairs’ information systems, and their efficacy and submit a plan to Congress to address their findings. STATUS Referred to the Committee on Veterans’ Affairs on 3/30/22. Related Bill: S. 3863.
H.R. 7900
National Defense Authorization Act for Fiscal Year 2023, Smith (D-WA) SUMMARY Would authorize appropriations and policy for Fiscal Year 2023 for the Department of Defense. STATUS Ordered to be reported by the Committee on Armed Services on 6/23/22.
S. 73
American Security Drone Act, Scott (R-FL) SUMMARY Would ban the procurement or use by the federal government of unmanned aircraft systems that are manufactured or assembled by certain entities, including entities subject to influence or control by China. STATUS Ordered to be reported by the Committee on Homeland Security and Governmental Affairs on 5/12/21. Professional Services Council
Service Contractor / 2022 / 19
Bill Tracker: 117th Congress-First Session (2022) NEW
Newly introduced since last issue
Major action taken since last issue
Bill became law since last issue
S. 272
Congressional Budget Justification Transparency Act, Peters (D-MI) SUMMARY Would require federal agencies and the Office of Management and Budget to make certain budget justification materials publicly available. STATUS Signed into law on 09/24/21; P.L. 117-23. Related bill: H.R.22. . Promoting Rigorous and Innovative Cost Efficiencies for Federal Procurement and Acquisitions (PRICE) Act, Peters (D-MI) SUMMARY Would require annual reports on the Department of Homeland Security’s Procurement Innovation Lab and would further establish a council to examine best practices for acquisition innovation in contracting in the federal government, including small business contracting. STATUS Signed into law on 2/22/22, P.L. 117-88.
S. 583
S. 636
Billion Dollar Boondoggle Act, Ernst (R-IA) SUMMARY Would require federal agencies to report annually on certain projects that are either more than five years behind schedule, or $1 billion over budget. STATUS Reported by the Committee on Homeland Security and Governmental Affairs on 5/10/21.
S. 671
Federal Agency Customer Experience Act, Hassan (D-NH) SUMMARY Would require certain agencies to collect and publish voluntary feedback on customer service and require the Government Accountability Office to report on agencies’ use of the data to improve service delivery. STATUS Reported by the Committee on Homeland Security and Governmental Affairs on 7/19/21.
S. 731
Department of Veterans Affairs Information Technology Reform Act, Tester (D-MT)
S. 732
BuyAmerican.gov Act, Portman (R-OH)
SUMMARY Would improve the management of information technology projects and investments of the Department of Veterans Affairs. STATUS Ordered to be reported by the Committee on Veterans’ Affairs on 12/15/21.
SUMMARY Would direct the President and specified federal agencies to take steps to increase transparency and limit the use of waivers of Buy American laws. STATUS Ordered to be reported by the Committee on Homeland Security and Governmental Affairs on 5/12/21.
S. 1009
Homeland Procurement Reform (HOPR) Act, Shaheen (D-NH) SUMMARY Would require the Secretary of the Department of Homeland Security to procure one-third of items for a frontline operational component from small businesses to the maximum extent possible. STATUS Ordered to be reported by the Committee on Homeland Security and Governmental Affairs on 7/14/21. Related bill: H.R. 2915.
S. 1231
Construction Consensus Procurement Improvement Technical Corrections Act, Portman (R-OH) SUMMARY Would prohibit the federal government from using reverse auctions for complex, specialized, or substantial design and construction services. STATUS Referred to the Committee on Homeland Security and Governmental Affairs on 4/20/21. Related bill: H.R.26.
S. 1260
United States Innovation and Competition Act, Schumer (D-NY) SUMMARY Would create a new Directorate for Technology and Innovation at the National Science Foundation focused on basic research, commercialization, and innovation related to key technology areas with geostrategic implications for the United States, among other provisions. STATUS Passed the Senate on 6/8/21. Related Bill: H.R.4521.
20 / Service Contractor / 2022
Professional Services Council
Bill Tracker: 117th Congress-First Session (2022) NEW
Newly introduced since last issue
Major action taken since last issue
Bill became law since last issue
S. 1303
Build America, Buy America Act, Brown (D-OH) SUMMARY Would require federal agencies to identify each infrastructure program and ensure that certain materials for those projects are produced in the United States. STATUS Ordered to be reported by the Committee on Homeland Security and Governmental Affairs on 5/12/21. Text included in the Infrastructure Investment & Jobs Act (P.L. 117-58).
S. 1306
Make PPE in America Act, Portman (R-OH) SUMMARY Would provide for domestic sourcing of personal protective equipment. STATUS Ordered to be reported by the Committee on Homeland Security and Governmental Affairs on 5/12/21. Text included in the Infrastructure Investment & Jobs Act (P.L. 117-58). Related bill: H.R. 2720.
S. 1316
Cyber Response and Recovery Act of 2021, Peters (D-MI) SUMMARY Would authorize a Cyber Recovery and Response Fund for the Secretary of Homeland Security to utilize in response to certain designated cyber incidents. STATUS Ordered to be reported by the Committee on Homeland Security and Governmental Affairs on 5/12/21. Text included in the Infrastructure Investment & Jobs Act (P.L. 117-58).
S. 1419
Protecting Critical Boards and Electronics Through Transparency and Enduring Reinvestment (PCBETTER) Act, Hawley (R-MO)
SUMMARY Would establish an “Electronics Supply Chain Fund” for the construction, expansion, or modernization of facilities to develop or manufacture semiconductors, microelectronics, advanced electronic packaging, and printed circuit boards. STATUS Referred to the Committee on Armed Services on 4/28/21.
S. 1605 SUMMARY
STATUS
National Defense Authorization Act for Fiscal Year 2022, Scott (R-FL) Authorizes funding and policies for Department of Defense activities and programs for FY2022. Signed into law on 12/27/21; P.L. 117-81.
S. 2201
Supply Chain Security Training Act, Peters (D-MI) SUMMARY Would require the Administrator of General Services to develop a training program for officials with supply chain risk management responsibilities at executive agencies. STATUS Passed the Senate on 1/11/22.
S. 2343
Chai Suthammanont Remembrance Act, Warner (D-VA) SUMMARY Would require federal agencies to develop and disclose safety plans that contain certain information for on-site employees and contractors during the public health emergency relating to COVID-19. STATUS Referred to the Committee on Health, Education, Labor, and Pensions on 7/19/21. Related bill: H.R. 978.
S. 2407
Cyber Incident Notification Act, Warner (D-VA) SUMMARY Would require federal agencies, government contractors, and critical infrastructure owners and operators to report cyber intrusions within 24 hours of their discovery. STATUS Referred to the Committee on Homeland Security and Governmental Affairs on 7/21/21. Text included in the Consolidated Appropriations Act, P.L. 117-103.
S. 2428
False Claims Amendments Act, Grassley (R-IA) SUMMARY Would overrule the Supreme Court’s decision in Universal Health Services, Inc. v. United States, which held a lawsuit could fail for lack of materiality if an agency continued to pay a contractor despite fraudulent conduct. STATUS Reported by the Committee on the Judiciary on 11/16/21. Professional Services Council
Service Contractor / 2022 / 21
Bill Tracker: 117th Congress-First Session (2022) NEW
Newly introduced since last issue
Major action taken since last issue
Bill became law since last issue
S. 2439
DHS Industrial Control Systems Capabilities Enhancement Act, Peters (D-MI) SUMMARY Would designate the Cybersecurity and Infrastructure Security Agency as responsible for maintaining capabilities to identify and mitigate cyber threats to industrial control systems. STATUS Ordered to be reported by the Committee on Homeland Security and Governmental Affairs. Related bill: H.R.1833. Text included in the FY22 National Defense Authorization Act (P.L. 117-81).
Critical to Homeland Security Act, Portman (R-OH) S. 2525 Domains Would require the Department of Homeland Security to undertake research and development SUMMARY
to identify and evaluate the extent to which critical domain risks within the United States supply chain pose a substantial threat to homeland security. STATUS Ordered to be reported by the Committee on Homeland Security and Governmental Affairs on 8/4/21. Related bill: H.R.3264. Text included in the FY22 National Defense Authorization Act (P.L. 117-81).
S. 2610
Intelligence Authorization Act for Fiscal Year 2022, Warner (D-VA) SUMMARY Would authorize appropriations for the Intelligence Community’s programs for Fiscal Year 2022 and includes policy provisions that impact the Intelligence Community’s contractor workforce. STATUS Reported by the Select Committee on Intelligence on 8/10/21. Related bill: H.R.5412. Text included in the Consolidated Appropriations Act, P.L. 117-103.
Prevent Government Shutdowns Act, Lankford (R-OK) S. 2727 Would automatically approve a continuing resolution upon a lapse in appropriations every two SUMMARY
weeks and withhold funding for certain activities until appropriations are enacted. STATUS Referred to the Committee on Homeland Security and Governmental Affairs on 9/14/21.
S. 2760
End Government Shutdowns Act, Portman (R-OH) SUMMARY Would provide continuing appropriations to prevent a government shutdown if appropriations bills or a continuing resolution has not been enacted. The bill would reduce the appropriations by 1% after the first 120-day period and by an additional 1% for each subsequent 90-day period until appropriations legislation is enacted. STATUS Referred to the Committee on Appropriations on 9/20/21. Related bill: H.R.5325
S. 2792
National Defense Authorization Act for Fiscal Year 2022, Reed (D-RI) SUMMARY Would authorize appropriations and policy for Fiscal Year 2022 for the Department of Defense. STATUS Ordered to be reported by the Armed Services Committee on 9/22/21. Related bill: S.1605.
S. 2792
National Defense Authorization Act for Fiscal Year 2022, Reed (D-RI) SUMMARY Would authorize appropriations and policy for Fiscal Year 2022 for the Department of Defense. STATUS Ordered to be reported by the Armed Services Committee on 9/22/21. Related bill: S.1605.
S. 2838
Access to Congressionally Mandated Reports Act, Portman (R-OH) SUMMARY Would require the Government Publishing Office to establish and maintain a publicly available online portal containing copies of all congressionally mandated reports. STATUS Reported by the Committee on Homeland Security and Governmental Affairs on 5/5/22. Related bill: H.R.2485.
S. 2892
Stop the Shutdowns Transferring Unnecessary Pain and Inflicting Damage In The Coming Years (Stop STUPIDITY) Act, Warner (D-VA) SUMMARY Would automatically renew funding for federal departments and agencies, at the previous year’s funding levels, in the event of a future lapse in appropriations, with the exceptions of the legislative branch and the Executive Office of the President. STATUS Referred to the Committee on Appropriations on 9/29/21. 22 / Service Contractor / 2022
Professional Services Council
Bill Tracker: 117th Congress-First Session (2022) NEW
Newly introduced since last issue
Major action taken since last issue
Bill became law since last issue
S. 3341
NEW VA Electronic Health Record Transparency Act, Moran (R-KS) SUMMARY Would require the Department of Veterans Affairs to report on the costs of its Electronic Health Record Modernization Program, including by describing all expenses driven by the program. STATUS Read twice and referred to the Committee on Veterans’ Affairs on 12/8/21.
S. 3408
NEW Federal Cloud Risk Management Improvements Act, Ossoff (D-GA) SUMMARY Would require GSA to issue a report on security of data stored or processed by cloud service providers. STATUS Referred to the Committee on Homeland Security and Governmental Affairs on 12/15/21.
S. 3578
NEW Slave-Free Business Certification Act, Hawley (R-MO) SUMMARY Would require companies to annually audit their supply chains for forced labor practices or human trafficking activities and publish reports on their policies to prevent the use of forced labor. STATUS Referred to the Committee on Health, Education, Labor, and Pensions on 2/3/22.
S. 3600
Strengthening American Cybersecurity Act, Peters (D-MI) SUMMARY Would make changes to the government’s cybersecurity authorities, policies, and roles and responsibilities; include new reporting requirements for cyber breaches for critical infrastructure; and authorize the FedRAMP program. STATUS Passed the Senate on 3/1/22. Related bill: H.R.6497. .
S. 3654
NEW The Debt Ceiling Reform Act, Durbin (D-IL) SUMMARY Would allow for future debt ceiling increases unless Congress enacts a joint resolution of disapproval and lays out procedures for its consideration. STATUS Referred to the Committee on Finance on 2/15/22. Related bill: H.R.6724.
S. 3863
NEW Strengthening VA Cybersecurity Act, Rosen (D-NV) SUMMARY Would require an independent entity to conduct a cybersecurity assessment of the Department of Veterans Affairs’ information systems, and their efficacy and submit a plan to Congress to address their findings. STATUS Referred to the Committee on Veterans’ Affairs on 3/17/22. Related Bill H.R. 7299.
S. 3890
Improving Intergovernmental Cooperation and Reducing Duplication Act, Peters (D-MI) NEW SUMMARY Would require updates to the Intergovernmental Cooperation Act intended to improve cooperation between the Federal Government and State, local, territorial, and Tribal governments STATUS Referred to the Committee on Homeland Security and Governmental Affairs on 3/22/22.
S. 3897
Legacy IT Reduction Act, Hassan (D-NH) SUMMARY Would require federal agencies to compile an inventory of each legacy information technology system and submit modernization plans to Congress. STATUS Ordered to be reported by the Committee on Homeland Security and Governmental Affairs on 3/30/22.
S. 3905
Preventing Organizational Conflicts of Interest in Federal Acquisition Act, Peters (D-MI) SUMMARY Would require the Federal Acquisition Regulatory Council to review the sufficiency of current organizational Conflict of Interest regulations and propose changes. STATUS Ordered to be reported by the Committee on Homeland Security and Governmental Affairs on 5/25/22.
Professional Services Council
Service Contractor / 2022 / 23
ME&A Assists USAID Celebrate 50-Year Partnership with Bangladesh at Portfolio Review by Monica Jerbi, ME&A Communications Manager
T
24 / Service Contractor / 2022
From left to right: Mison Barua, ME&A/BMEL Finance and Operations Director; Saiful Islam, Lakeshore Hotel Manager; Dora Plavetic, USAID/Bangladesh; Nazrul Islam, ME&A/BMEL Deputy Chief of Party/Monitoring Team Lead; Margaret-Ann Haywood.
More than 100 officials from USAID and the Government of Bangladesh attended a portfolio review event in Dhaka also celebrating USAID’s 50th anniversary in Bangladesh.
Professional Services Council
Photos by Mison Barua
o assist USAID/Bangladesh in generating and applying continuous learning across its portfolio, the ME&A-led USAID Bangladesh Monitoring, Evaluation and Learning (BMEL) Activity recently put on a two-day portfolio review event for more than 100 officials from USAID and the Government of Bangladesh (GOB). Portfolio reviews enhance strategic collaboration with host countries, advance data-informed decisions and policies, strengthen knowledge transfer among staff and partners, and ensure lessons learned and changes in a Mission’s internal and external environments are reflected in programming. The event, held on March 30 and 31, 2022, in the Lakeshore Hotel in Dhaka, also coincided with the celebration of USAID’s 50th anniversary in Bangladesh, making the review an opportunity to celebrate some of the long-term impacts that USAID’s partnership with the GOB has achieved. It also enabled USAID/Bangladesh to share information about the Country Development Cooperation Strategy (CDCS) 2020-2025 and allow USAID and GOB counterparts to assess progress and results achieved and discuss challenges ahead. As part of BMEL’s broader mandate to provide USAID/ Bangladesh with learning and knowledge management support services, ME&A handled all the portfolio review event’s logistics and facilitation as well as drafted a portfolio review report summarizing the event’s key takeaways for USAID. BMEL, implemented from Dhaka, is a $9.4 million USAID contract enabling USAID/Bangladesh to collect and use relevant data to achieve Mission development objectives, forward evidencebased programmatic decision-making, and enhance the capacity of Mission staff members in learning and knowledge management. Under BMEL, ME&A has completed: • More than a dozen performance evaluations of USAIDfunded activities/programs in Bangladesh. • Conducted nationwide sectoral assessments in multiple sectors, including rule of law and justice, labor, media, and natural resources management. • Conducted extensive third-party monitoring for the Mission, including 110 direct site visits in 11 districts in Bangladesh covering the democracy, human rights and governance, economic growth, and health sectors. This third-party monitoring resulted in 273 recommendations for the improvement of USAID-funded activities in Bangladesh to date. 3
The Value of
Intellectual Property by Pete Petitt and Benoit Geurts, Aon Securities LLC
T
he last 40 years have seen a major rotation from tangible to intangible assets in company valuations. In 1975, the top five US companies by market capitalization were IBM, Exxon Mobil, Procter & Gamble, GE and 3M—all relatively tangible asset intensive, especially at that time. In 2021, the top five US companies are Apple, Microsoft, Amazon, Alphabet and Tesla—all enterprises with a commitment to intangible assets and technology leadership.1
The Rise of Intangibles
The rotation from tangible to intangible assets can be seen broadly across the S&P 500. In 2020, intangible assets made up 90 percent of the S&P 500 market value. Compare that to the 1985 scenario, when intangibles represented only 32 percent of the index’s market value.2 For tech start-ups and scale-ups, the share of intangibles can be even higher. These companies’ assets are largely intangible of which intellectual property (IP) is a key element, and one could conclude that IP is heavily correlated to the highest growth potential and valuations. Amid a rapidly changing economy, business leaders are facing increasing pressure to make the right decisions to protect and grow their organizations. And an organization’s intangible assets are becoming an increasingly important, and valuable, factor in these decisions. Especially when it comes to mergers and acquisitions.
Why Intellectual Property is Important in the PE/VC World
The value of IP and related intangibles is an important part of a company’s corporate narrative and should be considered during M&A transactions. On the one hand, IP often drives the underlying transaction rationale and can heavily influence acquisition multiples and enterprise value. On the other hand, during the M&A process, IP evaluation is generally limited to legal confirmatory procedural due
diligence (DD). IP and related intangibles are, paradoxically, both extremely valuable assets and yet often overlooked in deal making. Bridging this gap presents an opportunity. Buyers and sellers are increasingly turning to non-legal qualitative IP assessments during DD to review the competitive landscape, quantify opportunities to support and create value aligned to business strategy and evaluate operational IP management processes and risks. For example, in software companies, it is crucial to conduct source code DD to make sure not only that the IP has not been copied from a third party but also that it is not potentially vulnerable to challenge or attack. Trade secrets are increasingly an area of investigation in IP DD. Indeed, a study3 shows that a proportion (up to a third) of employees will not be happy with the transaction and could potentially walk away with trade secrets. Reviewing the processes and security measures in place within the target company can give reassurance to investors and can also identify areas for improvements. Finally, a non-legal IP business diligence can also help identify potential post-deal cost saving opportunities based on an evaluation of patent quality and their maintenance cost.
Enhancing Returns for VC and PE Funds
Portfolio companies have the potential to drive value and enhance investment returns through sound IP management and value articulation. The diagram below illustrates these value creation and realization opportunities across the transaction and ownership cycle. Carve-out transactions have been increasing significantly in the last two years with corporations refocusing their businesses and selling business units to PE buyers. Carve-outs are characterized by the complexity of splitting the IP assets between the remaining company and the carved-out entity. A data-driven patent portfolio segmentation and analysis can bring key insights on the quality, value and usage of patents between the selling entity and the carved-out business. This continued pg.26
Companies Market Cap. n.d. “Largest American Companies by Market Capitalization”. Accessed March 22, 2022. https:// companiesmarketcap.com/usa/largest-companies-in-the-usa-by-market-cap/. 2 https://www.oceantomo.com/intangible-asset-market-value-study/ Accessed February 3, 2022. 3 Samers, Meredith. 2019. “Your Acquired Hires are Leaving. Here’s Why”. MIT Management Sloan School. January 8, 2019. https://mitsloan.mit.edu/ideas-made-to-matter/your-acquired-hires-are-leaving-heres-why. 1
Professional Services Council
Service Contractor / 2022 / 25
from pg. 25
analysis can help support complex negotiations and can identify IP assets, which are a material part of the carved-out entity. In addition, this analysis can highlight potential costsynergies through patent pruning or sales. At portfolio level, PE and VC investors can use IP analytics and IP litigation data to scan and compare their portfolio companies and identify potential sources of IP risk or value enhancing opportunities. Portfolio companies or acquisition targets can be ranked based on the estimated risk of facing an IP litigation based on IP litigation data for similar companies in the same industry sector and devise risk mitigation strategies. Value creation and enhancement opportunities can be found across the whole transaction cycle. Pre-deal acquisition targets can be identified with IP analytics. During the hold period, IP value creation processes can identify and help protect IP. Reviewing the whole portfolio can point to portfolio companies where IP cost savings opportunities (patent pruning or IP sale) may be found. At exit, articulating the IP narrative as a value driver in a M&A report—Quality of Intellectual Property (QoIP)—can enhance transaction value. IP-rich companies are attractive to VCs for several reasons. First, compared to tangible assets, e.g., a factory, the value of IP is not fixed and can keep growing in line with the performance of the business. Second, IP can help de-risking the scale up stage by building barriers to entry which can be enforced. IP can also help frame legal contracts with partners contributing to the growth of the business by clearly defining the boundaries of who owns the IP (current and future). In addition, start-ups can generate additional revenue through IP (brands, patents, copyrights, and technology know-how) licensing. IP can also be used as collateral to raise debt financing. IP can provide an option for VCs to potentially recoup some of their investment by selling the IP if the venture is not successful. In science-based start-ups,
4
capturing patentable inventions and rewarding inventors can be a contributor to attract and retain top talent. Given all the reasons mentioned above it can be meaningful for entrepreneurs to communicate their IP narrative in a succinct and businessfriendly way. A typical IP narrative document should include an accurate and comprehensive catalogue of the start-up’s IP assets and include clear charts and visual representations. Preparing for an IPO requires a company to ensure it has clear ownership of the IP it is relying on. Strategically building a patent portfolio to enhance value or to act as a deterrent against third party patent litigation can be done organically or through external acquisition. The announcement or rumors of an IPO are often a magnet for litigations. In an analysis conducted by Aon, it was found that IP litigation increased by 220% when a company decides to IPO; however, the long-term consequences can be even more significant. One study4 has found that a firm which experiences three lawsuits per year before its IPO regularly loses an additional -1.25% of its market value to litigation each year in perpetuity.
Why is IP critical for start-ups?
IP is critical for start-ups. It can protect innovation through patent or design rights, help protect the brand and position it as innovative, leading edge. IP can also increase valuation and attract investors especially if potential additional revenue through licensing have been identified and assuming the IP narrative positions IP as a value driver. Additionally, IP can also provide some risk protection (deterrent role). Scale ups with strong IP may be able to even use their IP assets as collateral to raise non-dilutive capital. Several key IP activities tend to take place during the typical start-up growth journey going from the pre-start-up stage to maturity and exit as highlighted in the chart below. Starting to think about IP early in the growth journey can be advantageous for all the reasons mentioned above.
Caskurlu, T., “An IPO Pitfall: Patent Lawsuits”, University of Amsterdam Business School, October 2020.
26 / Service Contractor / 2022
Professional Services Council
Conclusion
Given the paradigm shift in the contribution to overall business value from tangible to intangible assets, every business— whether involved in an M&A situation or not—can now be focusing on IP’s ability to generate enterprise value, factoring it into financial models as with other assets. This means capturing, documenting, and protecting and valuing IP assets (including trade secrets), ensuring IP risk is understood and mitigated, and being able to communicate the IP position to potential investors or debt finance providers. Entrepreneurs and investors have an opportunity to gain competitive advantage through their understanding of IP. 3
Professional Services Council
Pete leads Aon’s IP Transaction Advisory practice. In this role he focuses on Aon’s Quality of Intellectual Property (QoIP) solution, enhancing value realization for IP-rich companies entering the M&A and capital markets. He is also a registered principal with Aon Securities LLC and works with clients across transaction execution, capital formation and IP strategy. Pete draws from over 25 years of investment banking and corporate development experience. Benoit is an Intellectual Property (IP) specialist with more than 20 years experience advising a wide range of clients globally on IP strategy, IP due diligence (for investment funds, PE firms and an IPbacked lender), IP valuation, IP risk assessment and patent brokerage (sell-and buy-side). Benoit leads the IP M&A services in EMEA.
Service Contractor / 2022 / 27
PSC Releases Its 2022 Federal Business Forecast Scorecard by PSC Staff
I
n June 2022, PSC released the 2022 edition of its Federal Business Forecast Scorecard. For the fourth year in a row, the annual Scorecard examines publicly available procurement forecasts, which federal agencies use to provide valuable information to potential offerors on projected needs. This year’s version assessed the forecasts of 62 federal agencies* against 15 key attributes that are necessary for an effective forecast. Among the most important of those attributes are award type, sortable data, frequency of updates and set-aside status.
PSC rated the effectiveness of federal agency business forecast information and found significant improvements resulting in part from ongoing PSC conversations with government regarding prior Scorecard results.
Key highlights from the 2022 PSC Federal Business Forecast Scorecard include: • General Services Administration (GSA) received the highest score. GSA’s opportunities are consistently updated and populated with useful information to support companies’ decision-making. GSA’s forecast of contracting opportunities uses an “acquisition gateway” system which provides multiple ways to sort information quickly to identify specific opportunities. • Marine Corps Systems Command earned an honorable mention, jumping from “lacking a forecast” in 2021 to a “fair” rating in just a year due to rapidly and competently improving their publicly available forecast information. • Naval Information Warfare Systems Command (NAVWAR) earned an honorable mention for maintaining a consistent “good” rating year over year. While certain restrictions can prevent Department of Defense offices from making publicly available a fully populated forecast, NAVWAR stands out as a top component. More agencies received a “good” ranking in 2022, up from 15 agencies in 2021 to 17 agencies this year. Additionally, 12 Agencies received a “fair” ranking in 2022, up from 9 agencies in 2021. PSC engaged with several federal agencies to discuss how agency business forecasts can be improved and PSC is pleased to see improvements across the government. Forecasts are often
28 / Service Contractor / 2022
“GSA is honored to be selected as the model for success for the PSC 2022 Federal Business Forecast Scorecard. One of the goals in the President’s Management Agenda is to deliver excellent, equitable, and secure federal services and customer experience. GSA’s commitment to ensuring strong, open relationships with industry is a key component in delivering on this goal. PSC’s recognition showcases the hard work of GSA’s acquisition and small business professionals in increasing transparency and communication with our industry partners. We look forward to continued industry partnership and engagement to ensure a federal acquisition system that’s modern, accessible, and streamlined.” – Exodie C. Roe III, GSA’s Associate Administrator for Small and Disadvantaged Business Utilization, GSA
“As part of its comprehensive approach to advancing equity in procurement, OMB has emphasized the importance of good procurement forecasts as a key component of strengthening the diversity and resilience of the Federal marketplace. OFPP is working with agencies to improve the timing, content, and access to their forecasts and appreciates the input of industry partners in helping agencies understand how forecasts can best help small businesses — and especially those from underserved communities — position themselves for success when competing for Federal work.” — Lesley A. Field, Acting Administrator for Federal Procurement Policy within the Office of Management and Budget.
the first step in programmatic activity when clear project/award descriptions, precise dollar estimates and ample information for potential offerors allow more informed decisions about proposal investments. To view the full Scorecard report, including a breakdown of the rankings, visit http://www.pscouncil.org/scorecard.
Professional Services Council
*The 62 agencies represent only a sample; not every publicly available business forecast was reviewed. Several buying agencies do not have publicly available forecasts.
Professional Services Council
Service Contractor / 2022 / 29
30 / Service Contractor / 2022
Professional Services Council
Professional Services Council
Service Contractor / 2022 / 31
Professional Services Council 4401 Wilson Blvd., Suite 1110 Arlington, VA 22203
