Proposed FAR Rule: A New Regulatory Framework For Organizational Conflicts Of Interest And Unequal Access To Nonpublic Information
On April 26, 2011, the Department of Defense (“DoD”), General Services Administration (“GSA”), and National Aeronautics and Space administration (“NASA”) published a proposed rule to amend the Federal Acquisition Regulation (“FAR”) coverage of organizational conflicts of interest (“OCIs”). See 76 Fed. Reg. 23236 (Apr. 26, 2011). In addition to transferring the regulatory coverage of OCIs from FAR Part 9, “Contractor Qualifications,” to FAR Part 3, “Improper Business Practices and Personal Conflicts of Interest,” the proposed rule departs from existing FAR coverage of OCIs, as well as longstanding Government Accountability Office (“GAO”) precedent, in several important respects. Comments on the proposed rule are due by June 27, 2011.
Organizational Conflicts of Interest
The proposed rule distinguishes between two categories of OCIs: (1) those that risk impairing the integrity of the competitive acquisition process by creating an unfair advantage in competing for a future requirement and (2) those that impact the Government’s business interest by potentially compromising the objectivity of a contractor’s judgment during performance. These categories of OCIs correspond to what GAO commonly refers to as “biased ground rules” OCIs and “impaired objectivity” OCIs, respectively. The third category of OCIs identified by GAO, “unequal access to nonpublic information,” would be removed from the OCI context, but still addressed, just separately in FAR Part 4.
Under the proposed rule, contracting officers would have broader discretion to address – and even accept the risk – of OCIs that impact the Government’s business interest as opposed to the integrity of the procurement process. With regard to the former category of OCIs, the proposed rule provides that “the contracting officer has broad discretion to select the appropriate method for addressing the conflict, including the discretion to conclude the Government can accept some or all of the performance risk.” If an OCI impacts the integrity of the procurement process, in contrast, “the contracting officer must take action to substantially reduce or eliminate the risk.” Hence, in those circumstances where the OCI creates what has traditionally been referred to as an “impaired objectivity OCI,” the contracting officer could him/herself effectively waive the OCI.
The proposed rule also arguably departs from GAO precedent in its treatment of OCIs arising from work performed by an offerors’ affiliates. GAO has traditionally treated a contractor and its affiliates as the same entity for purposes of OCI analysis. The proposed rule, however, would require the contracting officer to analyze the corporate and business relationship between the offeror and the affiliate to determine whether it is possible to mitigate the risk of an OCI arising from the affiliate’s work. Specifically, the contracting officer would be required to consider factors such as whether the offeror and affiliate are controlled by a common corporate parent, whether the overall corporate organization includes internal barriers that limit the flow of information and personnel, whether the offeror and the affiliate are separate legal entities and managed by separate boards, whether the corporate organization has instituted recurring OCI training and protections against OCIs, and whether the affiliate can influence the offeror’s performance of its contractual requirements. The proposed rule also identifies several “structural or behavioral barriers” that could be used to lessen the risk that the potentially conflicting financial interest of an affiliate will influence the contractor’s exercise of judgment during contract performance. These include binding resolutions prohibiting certain individuals or entities from participating in contract performance, the requirement for a nondisclosure agreement between the contractor and its affiliate, the utilization of independent directors that have no prior relationship with the contractor, and the creation of a corporate OCI compliance official to oversee implementation of the mitigation plan. Properly managed by the contractor and evaluated by the government, this could reduce the risk of OCI created by affiliates.
The proposed rule also includes a new solicitation provision and three new contract clauses intended to increase uniformity in the treatment of OCIs:
FAR 52.203-XX, “Notice of Potential Organizational Conflict of Interest,” would require an offeror to disclose all relevant information regarding any OCI, to represent that it has disclosed all such information, and to explain the actions it intends to use to address any OCI.
FAR 52.203-ZZ, “Disclosure of Organizational Conflict of Interest After Contract Award,” would require a contractor to make a prompt and full disclosure of any new or newly discovered OCIs.
FAR 52.203-YY, “Mitigation of Organizational Conflicts of Interest,” would incorporate an offeror’s mitigation plan into the contract and also address changes to, and noncompliance with, the plan.
- FAR 52.203-YZ, “Limitation of Future Contracting,” would be used when the contracting officer determines to avoid a potential OCI through a limitation on future contracting.
The contracting officer would have discretion both in determining whether to include one or more of these clauses in a solicitation and in tailoring the clauses as appropriate. While the requirements of these clauses is likely not new to contractors, as similar requirements have been imposed by special contract clauses used by many agencies, the generalized coverage and reach of the FAR would likely expand their applicability to a far broader range of contracts and, thus, impose a heavier burden on companies to monitor potential OCIs over this increased contract pool.
Access to Nonpublic Information
The proposed rule includes a new FAR Subpart 4.4, entitled “safeguarding information within industry,” that is intended to preclude contractor use or disclosure of nonpublic information for any purpose unrelated to contract performance and to ensure that contractors do not obtain any unfair competitive advantage by virtue of access to such information.
FAR Subpart 4.4 would create a new framework for addressing the potential competitive harm resulting from unequal access to nonpublic information. Under the new approach, the contracting officer would be required to consider whether access to the nonpublic information was provided either directly or indirectly by the Government or by a third party. If the information was provided by a third party, the contracting officer would not be required to take – but apparently would not be prohibited from taking – steps to mitigate the potential unfair competitive advantage. If, on the other hand, access to the information was provided either directly or indirectly by the Government, the contracting officer would be required to consider whether the nonpublic information is available to all potential offerors and whether access to the nonpublic information would be competitively useful. If the Government-provided information is competitively useful, and was not available to all offerors, the contracting officer would be required to mitigate the resulting unfair competitive advantage. The potential mitigation strategies identified in the proposed rule include disseminating the information to all offerors (if the nonpublic information is Government information), the use of a firewall (where only some offeror personnel have had access to the information), and disqualification from the procurement (where the contracting officer determines that neither of the foregoing strategies would be effective). The last of these mitigation techniques is particularly harsh and has not generally been required since firewalls and nondisclosure agreements should adequately resolve the unfair competitive advantage. Hence, we hope that disqualification would, as it should, remain a technique of last resort that is rarely imposed.
The proposed rule also includes four new solicitation provisions and contract clauses relating to nonpublic information. Two of these clauses are particularly interesting. FAR 52.204-XX, “Access to Nonpublic Information” would prohibit contractors from using nonpublic information for any purpose other than contract performance, require contractors to obtain nondisclosure agreements from personnel with access to such information, mandate reporting of any violations of the clause, and require the contractor to indemnify the Government for any misuse or disclosure of such information. Most sophisticated contractors already obtain and maintain nondisclosure agreements, but the requirement to report violations to the Government would likely impose a material additional burden on contractors. FAR 52.204-YZ, “Unequal Access to Information” would require an offeror to disclose whether it or its affiliates have obtained access to relevant nonpublic information from the Government, to represent that it has implemented any required firewall, and to report any breaches thereof. Again, while many contractors are familiar with such reporting requirements in proposals, the fact that the FAR would now standardize the requirement will likely require many contractors to institutionalize further their monitoring and data collection efforts in this regard.
The proposed rule is a mixed bag for contractors. On the one hand, the new contract clauses addressing unequal access to nonpublic information would impose additional compliance burdens and create additional risk. On the other hand, most contractors would benefit from the proposed rule’s more flexible treatment of OCIs, particularly with regard to the contracting officer’s discretion to accept the risk of OCIs that impact only the Government’s business interests and the requirement for a contracting officer to consider the totality of the circumstances prior to disqualifying a contractor based on OCIs arising from work performed by an affiliate. Moreover, to the extent that most agencies adopt the ultimate FAR provisions and jettison their own unique OCI clauses and requirements, this could reduce the burden on contractors who have had to institute multiple policies and procedures to comply with the currently varied requirements.