Secure Border Initiative:

Controls over Contractor Payments for the Technology Component Need Improvement

GAO-11-68: Published: May 25, 2011. Publicly Released: May 25, 2011.

Additional Materials:

Contact:

Beryl Davis
(202) 512-3000
contact@gao.gov

 

Office of Public Affairs
(202) 512-4800
youngc1@gao.gov

In 2005, the Department of Homeland Security (DHS) initiated a multibillion-dollar contract to secure part of the nation's borders, the Secure Border Initiative (SBI). At that time, SBI was to include a single solution technology component; SBInet. DHS assigned the U.S. Customs and Border Protection (CBP) responsibility for overseeing the SBI contract, including SBInet. In January 2011, DHS announced that it was ending SBInet, and replacing it with a new technology portfolio. GAO was asked to (1) assess CBP's controls over payments to the prime contractor under the original SBInet program, and (2) provide information about the SBI program prime contractor's reporting against small business subcontracting goals. GAO assessed CBP controls against federal standards for internal control and relevant federal regulatory provisions, and summarized data on contractor performance against small business contracting goals.

GAO's review of CBP's controls over payments to the prime contractor under the original SBInet program identified the need to improve controls in two critical areas. Specifically, GAO found that CBP's design of controls for SBInet contractor payments did not (1) require invoices with sufficiently detailed data supporting billed costs to facilitate effective invoice reviews or (2) provide for sufficiently detailed, risk-based invoice review procedures to enable effective invoice reviews prior to making payments. Although CBP's established procedures were based on the Federal Acquisition Regulation (FAR), GAO identified numerous instances of CBP contracting officers lacking detailed support in the SBInet contractor invoices they received for review. Because CBP's preventative controls were not fully effective, the agency will continue to (1) be impaired in providing assurance that the reported $780 million it already paid to the contractor under the original SBInet program was allowable under the contract, in the correct amount, and only for goods and services provided, and (2) rely heavily on detective controls (such as timely, effective contract closeout audits) for all SBInet funds disbursed. Further, timely action to improve CBP's preventative controls is critical for the estimated $80 million in original SBInet program funds yet to be disbursed. Also, in light of the recent DHS announcement that it is replacing the originally conceived SBInet program with a new technology portfoliobased approach, GAO's findings concerning weaknesses in CBP's design of controls over payments to the prime contractor under the recently ended SBInet program can serve as "lessons learned" to be considered in designing and implementing controls as part of the newly announced portfolio-based approach to providing technological support to border security. With respect to performance against small business contracting goals, the prime contractor reported that it met two of the six small business subcontracting goals for the overall SBI program. Specifically, it reported that it met subcontracting participation goals for Historically Underutilized Business Zone and Veteran-Owned small business categories, but was unable to meet the other four small business goals because a large steel purchase significantly reduced the subcontract dollars available for small businesses to participate in the SBI contract. GAO makes five recommendations to improve CBP controls over prime contractor payments under the SBInet and the successor technology portfolio, including actions to strengthen invoice review procedures, provide more detailed support, and to better focus closeout audits. DHS concurred in principle with all recommendations, but for some, DHS also commented on the cost-effectiveness or others' role in implementation. GAO addresses these comments in the report.

Recommendations for Executive Action

  1. Status: Closed - Implemented

    Comments: DHS agreed in principle with our recommendation. In response to our recommendation, on January 26, 2012, CBP issued CBP Directive No. 5220-040, Contract Invoice Processing and Payment Procedures. In section 6.8.1, the directive outlines the elements of a proper invoice, which includes contract number, description, quantity, unit of measure, unit price, and extended price of supplies delivered or services performed. In addition, section 6.8.2 specifies that for cost reimbursement contracts for services, a proper invoice must include all of the information required by the contract and comply with FAR 52.216-7, which relates to allowable cost and payment. Section 3.4 of the directive also requires that all invoices and vouchers be sent to the cognizant Defense Contract Audit Agency (DCAA) field office for review. These corrective actions taken address the intent of our recommendation.

    Recommendation: With respect to the remaining funds not yet disbursed under the original SBInet contract, the Secretary of Homeland Security should direct CBP's SBI Contracting Division Director to revise CBP's SBI standard operating procedures (SOPs) to require the SBInet contractor to submit data supporting invoiced costs to CBP in sufficient detail to facilitate effective contracting officer (CO) and the contracting officer's technical representatives (COTR) invoice review.

    Agency Affected: Department of Homeland Security

  2. Status: Closed - Implemented

    Comments: DHS agreed with our recommendation. In response to our recommendation, on January 26, 2012, CBP issued CBP Directive No. 5220-040, Contract Invoice Processing and Payment Procedures. Within section 7, the directive describes specific, risk-based steps for the CO and COTR review, acceptance, and approval of invoices or interim vouchers. These corrective actions taken address the intent of our recommendation.

    Recommendation: With respect to the remaining funds not yet disbursed under the original SBInet contract, the Secretary of Homeland Security should direct CBP's SBI Contracting Division Director to revise CBP's SBI SOPs to include specific, risk-based steps required for COs and COTRs to properly review and approve contractor invoices to ensure that they accurately reflect all program costs incurred, including specifying required documentation of such review and approval.

    Agency Affected: Department of Homeland Security

  3. Status: Open

    Comments: DHS agreed in principle with our recommendation. However, according to CBP representatives, no closeout audits had been completed for the original SBInet program as of March 2014. CBP officials told us that DCAA expects to complete its 2007 SBInet incurred cost audits in March 2015, and CBP plans on performing closeout audits within 90 days after receiving them. Therefore, CBP will not be able to close this recommendation until DCAA has completed its 2007 incurred cost audit.

    Recommendation: With respect to closeout audits under the original SBI prime contract and any task orders that receive closeout audits under DHS's SOPs, the Secretary of Homeland Security should direct CBP's SBI Contracting Division Director to request that the Defense Contract Audit Agency (DCAA) to perform closeout audits as expeditiously as possible, including providing information on the contractor payment control findings concerning the original SBInet program that we identified for consideration in determining the extent and nature of DCAA testing required as part of such audits.

    Agency Affected: Department of Homeland Security

  4. Status: Open

    Comments: DHS agreed in principle with our recommendation. However, our review of CBP's procedures regarding coordination with DCAA to monitor the status of the incurred cost audits related to the original SBInet program did not find that any updates had been made in response to this recommendation. We will continue to follow up in fiscal year 2015 to see if CBP has established any new procedures for coordinating with DCAA to monitor the status of closeout audits related to the original SBInet program.

    Recommendation: With respect to closeout audits under the original SBI prime contract and any task orders that receive closeout audits under DHS's SOPs, the Secretary of Homeland Security should direct CBP's SBI Contracting Division Director to establish procedures for coordinating with DCAA to monitor the status of closeout audits related to the original SBInet program.

    Agency Affected: Department of Homeland Security

  5. Status: Closed - Implemented

    Comments: DHS agreed with our recommendation. In response to our recommendation, on January 26, 2012, CBP issued CBP Directive No. 5220-040, Contract Invoice Processing and Payment Procedures, an April 22, 2011, Memorandum of Understanding (MOU) between the Department of Homeland Security (DHS) and the Defense Contract Audit Agency (DCAA), and a May 2, 2011, revision to the MOU between DHS and DCAA. According to CBP personnel, these documents are based on the accumulated experience and lessons learned by the CBP procurement staff. These corrective actions taken address the intent of our recommendation.

    Recommendation: With respect to the new technology portfolio approach, the Secretary of Homeland Security should direct CBP's SBI Contracting Division Director to document the consideration and incorporation as appropriate, of lessons learned based on our findings on the design of controls over payments to the original SBInet contractor in designing and implementing contract provisions and related policies and procedures for reviewing and approving prime contractor invoices. Such provisions should provide for obtaining sufficiently detailed data supporting invoiced costs to support effective invoice reviews and include the specific, appropriately risk-based steps required for COs and COTRs to carry out an effective contractor invoice review.

    Agency Affected: Department of Homeland Security

 

Explore the full database of GAO's Open Recommendations »

Sep 15, 2014

Sep 10, 2014

Sep 9, 2014

Sep 8, 2014

Jul 31, 2014

Jul 29, 2014

Jul 24, 2014

Jul 16, 2014

Jun 27, 2014

Looking for more? Browse all our products here