DCAA Revises Policy to Avoid Auditing Contractors’ Incurred Cost Submissions (Again)

Wednesday, 22 June 2016 00:00 Nick Sanders

In what was arguably a predictable move, the Defense Contract Audit Agency has once again revised its policy so as to exempt more contractors’ incurred cost submissions from audit. MRD 16-PPD-06, issued May 27, 2016, revised (for at least the second time) its policy regarding which incurred cost proposals (which technically should be called “proposals to establish final billing rates” but almost nobody actually calls them that) will be considered to be “low-risk” and therefore accepted without any kind of transaction testing.

Yeah, we’ve been down this road before, haven’t we?

Our article on this topic, from November, 2013, really said all that needs to be said. We pointed out then that DCAA’s plan to reduce its embarrassingly large backlog of unaudited proposals wasn’t working out for the agency. We noted a GAO report “had found that DCAA’s initial assessment of contractor proposals had resulted in more than half the submissions being classified as high-risk, meaning that a full scope audit would be required. In contrast to reality, DCAA’s initial planning has assumed that only about 20 percent of submissions would be found to be high risk. And this was in relation to contractor proposals with ADVs of less than $15 million.” Thus, relaxing the criteria would create more “low-risk” contractor proposals and enable DCAA to reduce its audit backlog without, you know, actually performing audits.

The more recent policy change documented in MRD 16-PPD-16 is just more of the same. More relaxing of criteria to permit more proposals to fall into the “low-risk” category. More backlog “risked-away” because, gosh, it’s just not worth spending taxpayer dollars to audit such low-risk proposals, even though they are more likely to be submitted by small businesses that don’t have a good understanding of the FAR Part 31 cost principles and related requirements, and thus are more likely to have unallowable costs included in them.

If we interpret the new policy correctly, then any incurred cost submission with an Auditable Dollar Value (ADV) of less than $5 million is automatically considered to be low-risk, and shall not be audited. (This assumes the contractor was able to make the schedules tie-out the way DCAA’s math-checks require them to.) Quite literally, an auditor will need to obtain high-level permission in order to classify any such proposal as other than low-risk. The MRD states “FAOs will need to obtain Regional Audit Manager (RAM) approval if performance of an audit is warranted based on significant relevant risk.” The auditors (and their Audit Supervisors and their FAO Managers) will have to make a case to a RAM in order to protect taxpayer dollars by performing an audit on such small dollar proposals.


It’s more of the same. While DCAA’s audit protocols call for months of risk assessment followed by literally years of field work in order to audit one single contractor’s proposal to establish final billing rates, the only way to actually make progress against the backlog of audits is to declare the audits don’t need to be performed, or have been performed via a math-check, or that the proposal is not adequate and can’t be audited.

The purpose of this article is not to bash DCAA. It is simply to document, for the record, the decisions being made. One day some Masters or Ph.D. candidate may stumble across this blog and cite it as source material for a thesis on “Abnormal Psychology as Exhibited by Governmental Organizations: A Case Study on DCAA”.