Helping individuals, companies, and organizations understand key legal and practical considerations for promoting compliance and making better business decisions in these types of federal, state, and local government contracting matters MORE

Effective Compliance Evaluations and Enforcement

On March 31, 2022, the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) issued a new directive concerning enforcement of its equal employment opportunity laws. The new directive, DIR 2022-02, Effective Compliance Evaluations and Enforcement, provides updated guidance on agency compliance evaluation policies and expectations for government contractors. The practical effect of this update is to remove some of the flexibility previously provided by the OFCCP when reviewing contractors for OFCCP compliance. It is anticipated that these new directives are being pushed out in advance of releasing an updated Corporate Scheduling Announcement List (CSAL) notifying contractors that they will likely be included in OFCCP’s audit scheduling list.

The directive purports to allow OFCCP to strengthen the effectiveness of its compliance evaluations and promote greater contractor compliance by:

  1. Conducting comprehensive compliance evaluations and reducing delay by promoting the timely exchange of information.
  2. Promoting a proactive approach to compliance where federal contractors are required to actively self-audit employment systems to identify and resolve problems in their employment practices.
  3. Coordinating multi-establishment compliance review, including evaluations of common policies and patterns, when an employer has multiple establishments scheduled for review.
  4. Promoting regular, open, and transparent communication by all parties during the compliance evaluation to ensure contractors understand the nature of any concerns identified and to facilitate a prompt resolution of violations and completion of reviews.

In addition, the directive explains updated agency policies regarding the scheduling of contractors for compliance evaluations.

  • OFCCP is enhancing its neutral scheduling procedures for selecting federal contractors for compliance evaluations to reach more contractors and subcontractors. OFCCP will continue to post its CSAL to notify contractors that they are included in OFCCP’s audit scheduling list.
  • OFCCP will no longer delay scheduling contractors for 45 days after the issuance of a CSAL. As of March 31, 2022, OFCCP may begin scheduling contractors upon the publication of the CSAL.

The directive also describes contractors’ obligations regarding timely submission of Affirmative Action Programs (AAPs) and supporting data, supplemental information, and access to employees, applicants, and other witnesses.

  • Supply and service contractors are required to develop an AAP within 120 days of the commencement of a covered federal contract and to update that AAP on an annual basis.
  • Supply and service contractors must annually certify that they have developed and maintained complete AAPs in compliance with OFCCP’s requirements through its Contractor Portal.
  • Upon receipt of a Supply and Service Scheduling Letter and Itemized Listing or a Construction Scheduling Letter and Itemized Listing, a coveredcontractor that is scheduled on or after March 31, 2022, is required to submit all AAPs and itemized listing data, including supporting data, within 30 calendar days. Where a contractor needs additional time, OFCCP retains the authority to grant an extension for extraordinary circumstances.
  • OFCCP reiterates its long-standing policy that the agency may request supplemental data, follow-up interviews, and/or additional records and information if a contractor’s desk audit submission is incomplete or OFCCP identifies issues that warrant further analysis. When requesting this supplemental information, OFCCP will reasonably tailor the request to the areas of concern, allow contractors a reasonable time to respond, and include the basis for the request. The directive provides additional information regarding OFCCP’s ability to request additional information or expand the investigation if the agency identifies additional compliance issues.
  • OFCCP stressed the importance of contractors providing access to their premises and records relevant to OFCCP’s investigation, including records that will enable OFCCP to directly contact current and former employees and other witnesses.

The directive also highlights how the agency is increasing contractor accountability. In accordance with DIR 2022-02, when covered contractors use OFCCP’s Contractor Portal to register and annually certify compliance with their AAP obligations, they are certifying that they have developed and maintained complete AAPs. Contractors can now begin certifying their compliance in the Contractor Portal, which has been ready for use since March 31, 2022.  Certification must be completed by June 30, 2022.

In adopting and implementing the new procedures described above, the directive also rescinded and replaced four prior directives, DIR-2018-06, DIR 2018-08, DIR 2020-02, and DIR 2021-02, which were promulgated under the prior administration.

Pay Equity Audit

On March 15, 2022, OFCCP also issued a new directive, DIR 2022-01, Pay Equity Audit, to provide guidance on how OFCCP will evaluate federal contractors’ compliance with pay equity audit obligations.  The directive is broken down into three categories: (1) the audit; (2) the documentation; and (3) OFCCP’s authority to review.

  1. Audit. As part of their affirmative action obligations, supply and service contractors are required to perform an in-depth analysis of their total employment practices, including an in-depth analysis of their compensation systems to determine whether there are gender-, race-, or ethnicity-based disparities. By proactively conducting this pay equity audit, contractors can determine whether impediments to pay equity exist and develop action-oriented programs to address these problems. If the audit reveals disparities in pay or other concerns about a contractor’s compensation practices, OFCCP may request additional information to investigate the contractor’s compliance.
  2. Documentation. OFCCP has the authority to review a contractor’s pay equity audit to understand the methodology used and verify compliance. OFCCP will request that the contractor provide a complete copy of pay equity audit(s) and that such audits show all pay groupings that were evaluated, any variables used, and the results of the analyses, including any disparities found. OFCCP may also request additional information including the model statistics and/or information relating to the frequency of pay equity audits, the communication to management, and how the results were used to rectify disparities based on gender, race and/or ethnicity.
  3. Authority to Review. OFCCP acknowledges that contractors may retain counsel to assist with the preparation of the pay equity audit and compliance records. But contractors must maintain and make available to OFCCP documentation of their compliance with OFCCP regulations. According to the new directive, a contractor cannot withhold its documentation of its pay equity audit based on the attorney-client privilege or work-product doctrine.

This directive is additional evidence of the OFCCP’s continuing and enhanced scrutiny of contractors’ compensation systems. It emphasizes the need for contractors to conduct and document their comprehensive compensation analysis (preferably using a statistical regression model) in order to demonstrate compliance during an audit.

For more information about these new OFCCP directives and their impact on federal contractors, please contact Amy Conway, Kelly Maxwell, or Stephanie Scheck.

Effective immediately, the Department of Defense (DoD) Federal Acquisition Regulation (DFARS) issued its final rule to provide enhanced post-award debriefing rights in competitive negotiated contracts, task orders, and delivery orders exceeding $10 million. The final rule applies to DoD acquisitions greater than $10 million of commercial products, including those for Commercially Available Off-the-Shelf items, and commercial services.  The final rule makes clear that offerors have the right to submit timely follow-up questions and to obtain agency responses as part of the enhanced debriefing.

Many an unsuccessful offeror files a protective bid protest based on its belief that it was not fairly considered. Enhanced debriefings provide offerors in covered DoD procurements with the opportunity to learn more about why they were not selected for award. This may help avoid the bringing of protests that ultimately would not be successful and also provide greater clarity to those that compete regarding the evaluation of their submissions.

For awards in excess of $10 million and not in excess of $100 million, the final rule provides an option for the small business or nontraditional defense contractor to “request disclosure of the agency’s written source selection decision document, redacted to protect the confidential and proprietary information of other offerors for the contract award.”  For procurements above $100 million, the final rule provides for the agency disclosure of its written source selection decision document “redacted to protect the confidential and proprietary information of other offerors for the contract award.”

Offerors availing themselves of the opportunity to receive an enhanced debriefing under the final rule have a number of sources for guidance regarding how such debriefing matters affect the time for bringing a bid protest. Under the Competition in Contracting Act (CICA), an offeror has 10 days from the date it first knew or should have known of the basis for a post-award protest.  When a post-award required debriefing is provided, the offeror only has 5 days to bring a timely protest to the Government Accountability Office (GAO) and obtain a mandatory stay of the procurement. FAR 33.104(c) provides that the agency “shall” stay the procurement or terminate the challenged award unless the agency determines it is in its best interest or there are urgent and compelling circumstances.    Confusion may still arise, however, when questions are raised by an offeror during an enhanced debriefing – how do such questions impact the time period for bringing a timely protest and obtaining the mandatory stay? The final rule seeks to address this confusion, providing that there is a 5-day window for bringing a timely bid protest and that the 5 days begins to run on the date the post-award debriefing is offered.  If questions are raised within 2 business days after this debriefing date, the final rule provides that the agency is required to respond to the questions within 5 business days and that the 5-day window for bringing a protest will be deemed to start when the agency delivers its response to the questions.  The rule provides that the agency may provide its enhanced debriefing orally or in writing.  Responses to any follow-up enhanced debriefing questions that have been timely submitted must be delivered in writing.

DFARS 252.215-7016 Notification to Offerors – Postaward Debriefings and DFARS 252.215-7010 Postaward Debriefings for Task Orders and Delivery Orders, are being revised to add in the provisions on enhanced debriefings.

In bid protests, timing really is everything.  While the agency may have the discretion to respond to questions raised beyond the time periods set out in the CICA and rules, such responses will not stay the deadline for filing a timely bid protest.  Note too that the ability to obtain a mandatory stay at GAO of the procurement is tied to timeliness of the protest in light of the existing rules. If you have questions about this advisory, contact Susan Warshaw Ebner or your Stinson counsel.

This week the Department of Homeland Security (DHS) Cybersecurity and Infrastructure Agency (CISA) issued a “SHIELDS UP” advisory.  While it does not identify specific threats in the advisory, CISA states that the “Russian government understands that disabling or destroying critical infrastructure – including power and communications – can augment pressure on a country’s government, military and population and accelerate their acceding to Russian objectives.” Given the situation in Ukraine, there is concern about an escalation of cyber threats even here in the US.

Steps identified in the advisory are those that many in the defense industrial base (DIB) are already aware of or implementing. No matter whether you engage in government contracting or focus on commercial activities, your IT systems may be at risk, so forewarned is forearmed.  Here are some of the key steps identified in the advisory to help reduce damage from a cyber intrusion:

Validate that all remote access to the organization’s network and privileged or administrative access requires multi-factor authentication.

Ensure that software is up to date, prioritizing updates that address known exploited vulnerabilities identified by CISA.

Confirm that the organization’s IT personnel have disabled all ports and protocols that are not essential for business purposes.

If the organization is using cloud services, ensure that IT personnel have reviewed and implemented strong controls outlined in CISA’s guidance.

Sign up for CISA’s free cyber hygiene services, including vulnerability scanning, to help reduce exposure to threats

Do you have a crisis-response plan and team?  If not, now is a good time to put one in place.  Know what you have to do in the event of an incident and who has to do it. In addition to addressing the problem in real time, you will need to investigate, collect and preserve information for follow up reporting and remediation.  Timely reporting of cyber incidents involves more than just putting in a call. Defense contractors are required to have a designated person with authority to operate the Department of Defense (DoD) Cyber Crime Center (DC3) portal to report cyber incidents. But there may be other places to report to as well.  CISA and/or the Federal Bureau of Investigation (FBI) are also looking out for reports of incidents or unusual activities.

DoD DIB Collaborative Information Sharing Environment (DCISE) – ; ; (hotline) (410) 981-0104/ (toll free) (877) 838-2174


FBI (local field office) –

FBI (24/7 CyWatch) – ; (855) 292-3937

Even cyber intrusions that appear benign may result in infiltration of your networks, exfiltration of data, or more.  Be alert to unexpected or unusual emails or network behavior, and ensure your antivirus and anti-malware are engaged to protect your networks.  In the event you identify a potential cyber intrusion, act quickly to identify and address these threats.

Cyber incidents may trigger requirements beyond reporting on the incident to the government. If you have an actual or suspected cyber incident, consult with your counsel to assess and address these and other requirements. Contact the author or your Stinson counsel if you have questions about this advisory.

It is all but certain that mandatory arbitration clauses will no longer exist for workplace sexual assault and sexual harassment claims once the expected legislation many refer to as the #MeToo Arbitration Ban is signed by President Biden.  Stinson’s Labor, Employment & Benefits division reported on this bill in its Alert, Senate Passes #MeToo Bill Allowing Employees to Bypass Arbitration. While certain large government contracts have already included a similar prohibition on mandatory arbitration clauses for these types of claims, this soon to be law will apply to all employers, including all government contractors.  Once signed into law, an employee will have the right to choose whether to go to court to pursue a workplace sexual assault or sexual harassment claim – even if the employee has previously agreed to binding arbitration of all claims as part of an employment agreement.

This development is an almost perfect example of a situation where an ounce of prevention is worth a pound of cure.  The best way to avoid the challenges of having to litigate a sexual assault or sexual harassment claim against you as an employer is to have policies and procedures in place to minimize the risk of behavior that could lead to such claims, and a plan in place to address complaints internally as soon as they are made.  Mandatory sexual harassment prevention training for both supervisory and non-supervisory employees, for example, should be a regular thing, not just once in a while.  A process in place to report and address such complaints – with action required by your managers – is another.

Once again the President has invoked the Federal Property and Administrative Services Act as the authority for an Executive Order “to promote economy and efficiency.” In his latest Executive Order (EO) issued on Friday, February 4, 2022, President Biden mandated that all federal procurement construction projects valued at $35 million or more must use a Project Labor Agreement (PLA).

By requiring a PLA, the President would place considerable power over the terms and conditions of a performing a federal construction contract in the hands of unions. Under the EO, PLAs are defined as

a pre-hire collective bargaining agreement with one or more labor organizations that establishes the terms and conditions of employment for a specific construction project and is an agreement described in 29 U.S.C. 158(f).

Since the EO will apply the PLA mandate to “large-scale construction projects,” it is likely that any PLA will require the involvement of multiple unions and labor organizations to negotiate the specifications, terms and conditions of the project for the various trades that will be working at the site.  The EO requires that the PLA “contain guarantees against strikes, lockouts, and similar job disruptions” and set out binding procedures for the resolution of labor disputes arising during the term of the PLA. Notably, the EO would effectively appear to bypass the role and authority of federal agencies in certain key areas as the EO provides that PLAs will “provide other mechanisms for labor-management cooperation on matters of mutual interest and concern, including productivity, quality of work, safety, and health.” Such a collectively bargained PLA then would bind all federal contractors and subcontractors on the project to the contractor-union negotiated specifications, terms and conditions for performance of the project. The EO in fact states that it will require “every contractor or subcontractor engaged in construction on the project to agree, for that project, to negotiate or become a party to a project labor agreement with one or more appropriate labor organizations.”  Nowhere does it say that the federal procuring agency will be involved in this process or otherwise have any say in what is actually negotiated and placed in the PLA. The agency’s only role is to identify those projects where PLAs will be mandatory.

The EO allows for some exceptions to requiring a PLA in projects that (a) are found not to advance the federal government’s interests in achieving economy and efficiency; (b) market analysis shows the PLA would frustrate full and open competition by substantially reducing the number of potential bidders on the project; or (c) would otherwise be inconsistent with statutes, regulations, Executive Orders, or Presidential Memoranda. In contrast, the EO also allows agencies to expand the requirement of a PLA beyond procurements of large construction projects, to smaller construction projects, as well as construction projects “receiving any form of Federal financial assistance (including loan guarantees, revolving funds, tax credits, tax credit bonds, and cooperative agreements).”

The EO also directs the creation of a reporting regime for making public the data on the use of PLAs, as well as descriptions of any exceptions granted.

While the White House estimated that this EO will apply to $262 billion of federal construction contracts and impact nearly 200,000 workers, the total is likely to go much higher and the impact much broader once projects under the $1.2 trillion Infrastructure Investment and Jobs Act of FY 2021 are commenced.

Federal law requires that there be rulemaking notice and comment and impact analyses performed for issuance of FAR procurement rules. The EO gives the FAR Council 120 days to propose regulations to implement this EO, and the Office of Management and Budget (OMB) is directed, to the extent permitted by law, to issue guidance on the exception and reporting provisions of the EO. We can expect that there will be a number of comments filed in the future by trade associations, contractors, and other industry groups once the FAR Council issues a proposed rule.   Those potentially affected by the EO and implementing regulations and guidance should watch out for opportunities to provide their input not only during the forthcoming FAR rulemaking processes and OMB activities, but also through other routes since the EO seeks to extend the required use of PLAs – and therefore the role of trade associations and unions — far beyond federal procurements to grants, tax credits, loans, and other agreements, implicating not just federal projects, but other projects receiving some form of federal assistance.

Contact the author or your Stinson counsel if you have questions about this advisory.