Blog

Subscribe to our Blog

Contractors, Ask DCAA Auditors to Cite the Regulation

Success Illustration

 

Government contractors must go above and beyond routine requirements when it comes to reporting and regulations. It's not enough to comply with the standard employment and labor laws, or the intellectual and privacy laws that apply to most businesses.

Businesses that contract with the federal government must be prepared to meet the rigid scrutiny of the Defense Contract Audit Agency (DCAA) too. If you are new to contracting, you may be struggling to navigate the complex world of the Federal Acquisition Regulations. The FAR is the primary set of regulations used by federal agencies and contractors to guide them through the acquisition of supplies and services. Some of the most commonly referenced sections include FAR Part 31 cost principles; FAR Part 15; contracting by negotiation, and FAR Part 52, contract clauses.  

Always keep in mind that the mission of the DCAA is to ensure that taxpayer dollars are spent on fair and reasonably priced contracts. They are the stewards of taxpayer money and often behave as though the money used to fund a contract award is coming out their pockets. Some of the audits regularly conducted by the DCAA include:

Pre-award audits: These audits take place before a contract is awarded and may include an audit of proposal pricing, forward pricing rates, or the SF1408 survey of your accounting system.

Post-award audits: These audits take place after the contract is awarded and may include an audit of costs incurred under the contract, compliance with Truth in Negotiations Act (TINA), and compliance with the Cost Accounting Standards (CAS).

Understanding your obligations to the DCAA will help you when working with auditors. Let's consider a real life example to illustrate this point. Suppose you are interacting with a DCAA auditor during a pre-award audit and you are asked to present a five-year master budget and sales forecast. Of course, being asked for such information puts you in an awkward position since chances are you don't have such a plan in the first place, so you elect to question the nature and applicability of the request.

In response to your perceived lack of cooperation, the DCAA auditor threatens to stop the audit and inform his or her supervisor of your "non-compliance."  Before reacting adversely, you should simply ask the auditor to cite the regulation that requires you to maintain a corporate budget and forecast for the next five years.

This question will stop any auditor in their tracks because there is no specific requirement for most contractors to maintain budgets and forecasts for the next half-decade. To wit, the threshold for requiring a forward pricing rate agreement is $200 million in expected government sales during the contractor's next fiscal year.  Information as such to the extent that it exists is typically only meant for you and your team, and not for the prying eyes of DCAA auditors. But, how could you have known that and why are you being asked? 

The point is that you don't need to know every chapter and verse of the DCAA's Contract Audit Manual to interact effectively with auditors. Beyond a general understanding of the FAR and CAS regulations as well as the audit process, you simply need to understand your fundamental right to ask for clarification on a request that seems to be out of scope. When a DCAA auditor asks for anything that seems unreasonable or unusual that you are unable or unwilling to provide, just inquire about the particular guidance or regulation that would justify the request. Enduring an audit can be stressful enough, so be sure to recognize the line between your reporting obligations and the DCAA's need to know. It's important for you and especially for an auditor to know the regulations, and just as important to understand what can be expected of you during the course of an audit.

Recent Blogs

December, 04 2024

Another Year, Another End-of-Year Update

2024

One thing we've learned over the years as a software publisher is that unless you are planning on sunsetting a legacy application, you are never "done" with development. Read the Blog

November, 01 2024

Are You Ready for Cybersecurity Maturity Model Certification?

cybersecurity

After several fits and starts over the past five years, the Department of Defense (DoD) finally issued its final ruling on October 15 for CMMC 2.0 compliance. This final rule coincides with October wh[...] Read the Blog

October, 04 2024

Accounting Software for GovCons: Many Choices but Few Options

DCAA Audits Accounting Software

Accounting Software for GovCons: Many Choices but Few Options Read the Blog