Apac
  • Home
  • CXO Insights
  • CIO Speaks
  • Partner Conferences
  • Newsletter
  • Subscribe
  • News
  • About us
Apac

  • Agile

    Artificial Intelligence

    Augmented Reality

    Big Data

    Blockchain

    Cloud

    Cyber Security

    DevOps

    Digital Technology

    Enterprise Security

    HPC

    Internet of Things

    IT Services

    Mobility

    Networking

    Open Source

    POS

    QA and Testing

    Robotics

    SaaS Solutions

    Security

    Simulation

    Smart City

    Startup

    Storage

    Unified Communication

    Virtualization

    Web Development

  • Automotive

    Aviation and Aerospace

    Banking

    Compliance

    Construction

    Contact Center

    E-Commerce

    Education

    Energy

    Engineering

    Field Service

    FinTech

    Gov and Public

    Healthcare

    Insurance

    Legal

    Logistics

    Manufacturing

    Media and Entertainment

    Metals and Mining

    Pharma and Life Science

    Retail

    Sports

    Telecom

    Travel and Hospitality

    Utilities

  • Amazon

    CISCO

    Google

    HP

    IBM

    Intel

    Microsoft

    Oracle

    Red Hat

    Salesforce

    SAP

    VMware

  • Business Intelligence

    Business Process Management

    CEM

    Collaboration

    Corporate Finance

    CRM

    Data Center

    Disaster Recovery

    Document Management Systems

    Enterprise Architecture

    Enterprise Asset Management

    Enterprise Performance Management

    ERP

    Fleet Management

    Gamification

    Geographical Information System

    HR Technology

    IT Service Management

    Managed Services

    Payments

    PLM

    Procurement

    Project Management

    Risk Management

    Sales and Marketing

    Workflow

Menu
    • DevOps
    • Automotive
    • FinTech
    • Robotics
    • SAP
    • Amazon
    • Big Data
    • Education
    • HPC
    • Simulation
    • CISCO
    • Web Development
    • AI
    • EPM
    • ERP
    • Project Management
    • Salesforce
    • Sports
    • Travel and Hospitality
    • Unified Communication
    • IT Services
    More
    HPC Simulation CISCO Web Development AI EPM ERP Project Management Salesforce Sports Travel and Hospitality Unified Communication IT Services
    ×

    Subscribe to our Newsletter

    news
    news

    Join our mailing list for the latest articles, news, and exclusive insights from prominent technology leaders

    loading
    SUBSCRIBE

    Thank You for subscribing with us. We sent you an email regarding this.

    news

    • Home
    • Compliance
    Editor's Pick (1 - 4 of 8)
    left
    CIOs Need To Know Their Business, Not Just Tech

    John Sadowski, EVP & CIO, Sandy Spring Bank

    Your Next Law Firm Website Project

    Vic Peterson, CIO, Stinson Leonard Street LLP

    Essentials for a Compliant Environment

    Seevali Fernando, Group CIO, Hoya Corporation

    The Digital Agency

    Ralph Chivers, CIO, Ministry of Business Innovation and Employment, New Zealand

    E-commerce and the Data behind it

    Klemen Drole, CIO, Lazada Group

    Need and Importance of IT in the Shipping Industry

    Anjan Deb, GM-IT (CIO), The Great Eastern Shipping

    At the Crossroads of Sports and Technology

    Jerry Mcglynn, CIO, Specialized Bicycle Components

    Proliferative Innovation via Platform+Agile

    Dr. Steve Hodgkinson, CIO, Department of Health & Human Services in Melbourne, Australia

    right

    What CCOs Can Learn from the Government Contracts Compliance Landscape

    By Thomas Lemmer, Partner and Phillip Seckman, Partner, McKenna Long & Aldridge

    Tweet
    content-image

    Thomas Lemmer, Partner and Phillip Seckman, Partner, McKenna Long & Aldridge

    Government contractors have long faced a host of compliance obligations and risks. Today, these obligations and risks both parallel and at times exceed what has evolved under Sarbanes Oxley. In fact, SOX adopted a number of federal contracting requirements, including compliance self-certifications. Subsequent to the issuance of SOX, federal contract compliance requirements have expanded to adopt a number of SOX requirements, including significant focus on business system integrity and internal controls. Thus, it is useful to Compliance Officers to understand that federal contract compliance requirements mandate that contractors invest in and maintain effective and reliable business systems, effective internal controls, and adequately skilled and trained personnel. The absence of the contractor’s upper management’s support, including the Chief Information Officer, makes achieving and maintaining compliance extremely difficult.

    The United States government incentivizes contractors to achieve and maintain compliance through a host of laws, regulations, and contract clauses. Beginning in December 2008, however, there was a watershed change in how the federal government interacts with its contractors. The change occurred when the federal government, reacting to the events that led to and the requirements found in SOX, began contractually obligating many contractors to adopt a code of business ethics and to implement a business ethics and compliance program and internal control system. Commonly referred to as the Mandatory Disclosure Rule, the 2008 change to the Federal Acquisition Regulation obligates all government contractors to affirmatively self-disclose all facts regarding covered violations of certain federal criminal laws, the Civil False Claims Act, or significant overpayments.

    Building on these changes, the Department of Defense (DOD), in 2011, issued what is commonly referred to as the DOD Business Systems Rule. Implemented through a series of contract clauses incorporated into covered contracts, the DOD Business Systems Rule mandates that defense contractors must establish and maintain six adequate business systems: (1) Accounting; (2) Estimating; (3) Material Management and Accounting; (4) Property; (5) Purchasing; and (6) Earned Value Management. If there are any significant deficiencies in the contractor’s business systems, the government will disapprove the system and will immediately begin withholds of up to 10 percent on the contractor’s eligible payments until the system is brought into compliance.

    Central to the ability of a contractor to achieve compliance with the mandatory disclosure rule or the business systems rule is robust support from the contractor’s Information Technology Department. Indeed, the business systems rule, in particular, focuses on the degree to which a contractor’s various business systems—in reality, different information systems or components of an ERP system—are integrated with each other so that reliable data needed for management purposes can be accurately fed from one system to another. Accordingly, company CIOs and their staff must possess increasingly robust compliance knowledge, experience, and training so that they can effectively team with the CCO to achieve the company’s compliance responsibilities.

    The federal government assesses compliance through audits performed by the Defense Contract Audit Agency or an agency Office of Inspector General. These audits are to be performed in accordance with Generally Accepted Government Auditing Standards.

    If a federal contractor or its employees fail to maintain compliance with the vast array of laws, regulations, and contract clauses, the contractor can face serious potential liability, ranging from withholds on pending payments and contract breach claims to the more severe risks of civil fraud actions and potential suspension and debarment. These compliance requirements parallel current requirements in the commercial arena that must be met in order to avoid ethical issues and qualified audit reports that, among other things, impact stock price, trigger Securities and Exchange Commission reviews and penalties and result in fraud charges.

    In the federal government contracts environment of today, there are five important ways that CCOs can enhance their company’s compliance posture.

    • Make Significant Investments in Training and Retaining Capable Employees — Perhaps the most  important driver of a contractor’s ability to maintain compliance is the ability of its employees to understand and identify potential compliance issues before there is a problem. Accordingly, recruiting and retaining employees with experience and training in the relevant compliance environment are critical. Compliance Officers are well-served by working closely with company Human Resources personnel to ensure that the correct talent is being located and recruited.

    • Find Ways to Secure Support from Top Company Management for Compliance — Crucial to securing the support of employees for the successful implementation and maintenance of a compliance program is ensuring that each employee understands that company management, from the top down. Frequently referred to as the “Tone from the Top,” non-compliances often can be traced back to a failure of management to appropriately ensure lower level employees understand the critical importance of compliance. Compliance Officers that do not have the support of high-level company management are unlikely to have the authority or the resources to effective positive change. Thus, achieving an effective compliance program must begin with a strong statement of support from high level company management.

    • Ensure that CIOs Understand Compliance Requirements— Many of the ways in which companies achieve and maintain compliance is through information technology systems. Accordingly, CIOs need to understand compliance requirements and to work continuously with CCOs to ensure that information technology systems keep up with changing compliance demands. For example, federal government contracts are now requiring that information systems contain adequate cyber security protocols and be able to track purchased materials to ensure adequate proof that the materials are not counterfeit. Thus, close coordination and understanding between the CCO and the CIO is the key.

    "Company CIOs and their staff must possess increasingly robust compliance knowledge,experience, and training"

    • Create and Maintain a Compliance Handbook — Having an appropriately tailored compliance manual or handbook that employees can access and readily use is critical. Of course, the size of the company, the complexity of its business, and the needs of the employees will drive the substance and level of detail. Once the Handbook has been created, it must be continuously reviewed and updated. This is particularly true in those industries facing significant and ever-changing compliance requirements.

    • Have a Strategy for Dealing with Compliance Audits — Whether the govern ment or an independent outside firm is performing the audit, Compliance Officers will significantly increase the likelihood of a successful audit outcome if they have a plan in place that is triggered the moment the company is notified of an upcoming audit. The goal of the audit strategy is to (a) rapidly establish a core team who is most knowledgeable regarding the subject matter under audit; (b) properly prepare the team and agree on a process for handling all audit communications; and (c) ensure accurate, complete, and timely responses to audit questions.

    In the past, these types of compliance requirements were often viewed as unique to federal contracting and, therefore, not readily applicable to commercial practices. This changed with the passage of SOX. Now compliance requirements when performing federal government contracts and those applicable to any business, particularly publicly traded companies, clearly parallel each other. Thus, CCOs will help achieve best compliance practices by understanding federal government contract compliance requirements and the means used to meet these requirements.

    Read Also

    How GDPR can open opportunities for APAC businesses

    How GDPR can open opportunities for APAC businesses
    Keeping Pace with Technology

    Keeping Pace with Technology
    Adventures In Sourcing Compliance And Risk Systems

    Adventures In Sourcing Compliance And Risk Systems
    Customer Data: The New Compliance Frontier

    Customer Data: The New Compliance Frontier
    Top 25 Compliance Solution Providers - 2018

    Top 25 Compliance Solution Providers - 2018

     Top 25 Compliance Solution Providers - 2017

    Top 25 Compliance Solution Providers - 2017

     25 Most Promising Compliance Solution Providers

    25 Most Promising Compliance Solution Providers

    Featured Vendors

    MasterSAM

    Sanjeev Dhar, MD

    entity solutions

    Matthew Franceschini, CEO & Co-founder

    Compliance Special

    Copyright © 2018 APAC CIOoutlook. All rights reserved. Registration on or use of this site constitutes acceptance of our Terms of Use and Privacy Policy  |  Sitemap

    follow on linkedinfollow on twitter follow on rss
    This content is copyright protected

    However, if you would like to share the information in this article, you may use the link below:

    https://compliance.apacciooutlook.com/cxoinsights/what-ccos-can-learn-from-the-government-contracts-compliance-landscape-nwid-782.html