Skip to main content

Secure Border Initiative: Controls over Contractor Payments for the Technology Component Need Improvement

GAO-11-68 Published: May 25, 2011. Publicly Released: May 25, 2011.
Jump To:
Skip to Highlights

Highlights

In 2005, the Department of Homeland Security (DHS) initiated a multibillion-dollar contract to secure part of the nation's borders, the Secure Border Initiative (SBI). At that time, SBI was to include a single solution technology component; SBInet. DHS assigned the U.S. Customs and Border Protection (CBP) responsibility for overseeing the SBI contract, including SBInet. In January 2011, DHS announced that it was ending SBInet, and replacing it with a new technology portfolio. GAO was asked to (1) assess CBP's controls over payments to the prime contractor under the original SBInet program, and (2) provide information about the SBI program prime contractor's reporting against small business subcontracting goals. GAO assessed CBP controls against federal standards for internal control and relevant federal regulatory provisions, and summarized data on contractor performance against small business contracting goals.

GAO's review of CBP's controls over payments to the prime contractor under the original SBInet program identified the need to improve controls in two critical areas. Specifically, GAO found that CBP's design of controls for SBInet contractor payments did not (1) require invoices with sufficiently detailed data supporting billed costs to facilitate effective invoice reviews or (2) provide for sufficiently detailed, risk-based invoice review procedures to enable effective invoice reviews prior to making payments. Although CBP's established procedures were based on the Federal Acquisition Regulation (FAR), GAO identified numerous instances of CBP contracting officers lacking detailed support in the SBInet contractor invoices they received for review. Because CBP's preventative controls were not fully effective, the agency will continue to (1) be impaired in providing assurance that the reported $780 million it already paid to the contractor under the original SBInet program was allowable under the contract, in the correct amount, and only for goods and services provided, and (2) rely heavily on detective controls (such as timely, effective contract closeout audits) for all SBInet funds disbursed. Further, timely action to improve CBP's preventative controls is critical for the estimated $80 million in original SBInet program funds yet to be disbursed. Also, in light of the recent DHS announcement that it is replacing the originally conceived SBInet program with a new technology portfoliobased approach, GAO's findings concerning weaknesses in CBP's design of controls over payments to the prime contractor under the recently ended SBInet program can serve as "lessons learned" to be considered in designing and implementing controls as part of the newly announced portfolio-based approach to providing technological support to border security. With respect to performance against small business contracting goals, the prime contractor reported that it met two of the six small business subcontracting goals for the overall SBI program. Specifically, it reported that it met subcontracting participation goals for Historically Underutilized Business Zone and Veteran-Owned small business categories, but was unable to meet the other four small business goals because a large steel purchase significantly reduced the subcontract dollars available for small businesses to participate in the SBI contract. GAO makes five recommendations to improve CBP controls over prime contractor payments under the SBInet and the successor technology portfolio, including actions to strengthen invoice review procedures, provide more detailed support, and to better focus closeout audits. DHS concurred in principle with all recommendations, but for some, DHS also commented on the cost-effectiveness or others' role in implementation. GAO addresses these comments in the report.

Recommendations

Recommendations for Executive Action

Agency Affected Recommendation Status
Department of Homeland Security With respect to the remaining funds not yet disbursed under the original SBInet contract, the Secretary of Homeland Security should direct CBP's SBI Contracting Division Director to revise CBP's SBI standard operating procedures (SOPs) to require the SBInet contractor to submit data supporting invoiced costs to CBP in sufficient detail to facilitate effective contracting officer (CO) and the contracting officer's technical representatives (COTR) invoice review.
Closed – Implemented
DHS agreed in principle with our recommendation. In response to our recommendation, on January 26, 2012, CBP issued CBP Directive No. 5220-040, Contract Invoice Processing and Payment Procedures. In section 6.8.1, the directive outlines the elements of a proper invoice, which includes contract number, description, quantity, unit of measure, unit price, and extended price of supplies delivered or services performed. In addition, section 6.8.2 specifies that for cost reimbursement contracts for services, a proper invoice must include all of the information required by the contract and comply with FAR 52.216-7, which relates to allowable cost and payment. Section 3.4 of the directive also requires that all invoices and vouchers be sent to the cognizant Defense Contract Audit Agency (DCAA) field office for review. These corrective actions taken address the intent of our recommendation.
Department of Homeland Security With respect to the remaining funds not yet disbursed under the original SBInet contract, the Secretary of Homeland Security should direct CBP's SBI Contracting Division Director to revise CBP's SBI SOPs to include specific, risk-based steps required for COs and COTRs to properly review and approve contractor invoices to ensure that they accurately reflect all program costs incurred, including specifying required documentation of such review and approval.
Closed – Implemented
DHS agreed with our recommendation. In response to our recommendation, on January 26, 2012, CBP issued CBP Directive No. 5220-040, Contract Invoice Processing and Payment Procedures. Within section 7, the directive describes specific, risk-based steps for the CO and COTR review, acceptance, and approval of invoices or interim vouchers. These corrective actions taken address the intent of our recommendation.
Department of Homeland Security With respect to closeout audits under the original SBI prime contract and any task orders that receive closeout audits under DHS's SOPs, the Secretary of Homeland Security should direct CBP's SBI Contracting Division Director to request that the Defense Contract Audit Agency (DCAA) to perform closeout audits as expeditiously as possible, including providing information on the contractor payment control findings concerning the original SBInet program that we identified for consideration in determining the extent and nature of DCAA testing required as part of such audits.
Closed – Implemented
The Customs and Border Patrol (CBP) Procurement Directorate obtained the final Defense Contract Audit Agency (DCAA) audit for Boeing (prime contractor for SBInet) indirect costs required to close out fiscal years 2007 and 2008 task orders. In addition, CBP Directive 5220-040 was revised in January 2012 to ensure cost reimbursement vouchers (regarding contractor payment controls) are reviewed by DCAA.
Department of Homeland Security With respect to closeout audits under the original SBI prime contract and any task orders that receive closeout audits under DHS's SOPs, the Secretary of Homeland Security should direct CBP's SBI Contracting Division Director to establish procedures for coordinating with DCAA to monitor the status of closeout audits related to the original SBInet program.
Closed – Implemented
DHS and DCAA revised their Memorandum of Understanding for audits of DHS components in April 2011 to require all contractors to submit vouchers for all cost reimbursement, time and material, and labor-hour contracts to DCAA for review. In addition, the DCAA Financial Liaison Advisor is located onsite at CBP and monitors the status of incurred costs audits and close out audits (including SBInet incurred cost audits)using the DCAA Management Information System, and reports the status of incurred cost audits and their results in the Procurement Directorate Cost Type Report. Also, the CBP Operations Support Branch monitors the status and progress of incurred cost audits and close out audits using the DCAA Management Information System.
Department of Homeland Security With respect to the new technology portfolio approach, the Secretary of Homeland Security should direct CBP's SBI Contracting Division Director to document the consideration and incorporation as appropriate, of lessons learned based on our findings on the design of controls over payments to the original SBInet contractor in designing and implementing contract provisions and related policies and procedures for reviewing and approving prime contractor invoices. Such provisions should provide for obtaining sufficiently detailed data supporting invoiced costs to support effective invoice reviews and include the specific, appropriately risk-based steps required for COs and COTRs to carry out an effective contractor invoice review.
Closed – Implemented
DHS agreed with our recommendation. In response to our recommendation, on January 26, 2012, CBP issued CBP Directive No. 5220-040, Contract Invoice Processing and Payment Procedures, an April 22, 2011, Memorandum of Understanding (MOU) between the Department of Homeland Security (DHS) and the Defense Contract Audit Agency (DCAA), and a May 2, 2011, revision to the MOU between DHS and DCAA. According to CBP personnel, these documents are based on the accumulated experience and lessons learned by the CBP procurement staff. These corrective actions taken address the intent of our recommendation.

Full Report

GAO Contacts

Office of Public Affairs

Topics

Border securityContract administrationContract costsContract oversightContractor paymentsContractsDocumentationFunds managementInternal controlsPrime contractorsSmall business contractsStandards evaluationSubcontractorsSubcontractsTechnology transferPolicies and procedures