OCI Mitigation Planning

1
OCI Mitigation Planning

• Glenn Baer
• National Defense Industrial Association
• March 2006

2
Organizational Conflicts of Interest
FAR Subpart 9.5 prescribes the limitations

• Avoid, neutralize, or mitigate significant
  potential
• Conflicts before contract award.
• Contractors have a statutory obligation to
  disclose
• The two underlying principles are--
• Preventing the existence of conflicting roles
  that might bias
• a contractors judgment and
• (b) Preventing unfair competitive advantage. An
  unfair competitive advantage exists where a
  contractor competing for award of any Federal
  contract possesses proprietary or source
  selection information
• The purpose level the playing field in
  competitive procurement and to serve as a means
  of protecting the governments interest in sole
  source procurement.

3
OCI in todays environment
The current OCI environment within the defense
industrial base is particularly complex an
increasingly exacerbated by mergers, business
consolidations, and evolving small
businesses. OCI is and will continue to be a
major and growing concern in federal acquisition
Five years ago Industry expecting an OCI train
wreck unified to propose regulatory changes
that, among other things, promoted mitigation
waver over recusal and divestiture. Concern was
the lack of clarity in the regulations could
threaten effective competition, provide
inequitable disparate treatment of contractors,
increase cost, discourage long term investment,
and promote the erosion of industrial and
technological capability.
4
OCI by the FAR

• 4 Basic Principles of OCI
• 9.505-1 Providing systems engineering (SE) and
  technical direction.
• The contractor that does SE for the development
  of the system should not be responsible for
  production of the system.
• 9.505-2 Preparing specifications or work
  statements.
• The contractor that writes the specs shall not
  participate in the initial production contract.
• 9.505-3 Providing evaluation services
• A contractor will not participate in evaluation
  of its own or its competitors proposals.
• 9.505-4 Obtaining access to proprietary
  information
• A contractor cant use proprietary information
  supplied by another contractor to gain an unfair
  competitive advantage.

From 9.505-1, 9.505-2, 9.505-3, 9.505-4
5
The Mitigation Plan Constructs The practical
heart of OCI management

• Serves as to overcome a perceived bias in
  judgment or potential unfair competitive
  advantage and preserves the integrity of
  organizations objectivity by establishing
  audible isolation controls intended to neutralize
  potential conflicts of interest through
• Organizational, Physical and Managerial
  Separation
• Financial and Goal Separation
• Data Security and Management
• Personnel Policies and Certifications
• Internal Audit Reporting
• Screening and Task Assignment Monitoring
• You must continue to screen past and proposed
  contract requirements relationships or financial
  interest and disclose potential OCIs and
  recognize that potential conflicts might evolve
  during contract performance

6
OCI isolation requirements

• Organizational Separation Managerial Separation
  
• Establish Fire walls between potentially
  conflicting organizations
• Isolate the conflicting workforce identifying
  roistered employees move to organizations with
  like requirements
• Management Establish two levels of separation to
  Isolate Sr. management and to ensure that no
  pressure or bias is introduced into the
  evaluations and recommendations from other
  organizations further ensure no subordinate or
  roster employee is placed in a compromising
  position based on an inappropriate request from
  senior manager.
• Vice Presidents will not be rostered employees,
  they have access top level financial and all non
  SPI program information to monitor and direct
  program performance and deliveries.

7
OCI isolation requirements

• Financial and Goal Separation
• Financial or design interest in a particular
  manufacturing product, process or vendor can be
  perceived to impair ones impartial objective
  assistance or advise to the government. Similarly
  conflicting performance goals can reward
  conflicts
• Separate all financial and performance goals such
  that isolated workforce does not receive rewards
  for conflicting requirements. Common Executive
  management can have financial roll-up oversight
• Goals and reward systems must be separated
  between conflicting organizations. Reward system
  for those inside and outside the firewall must
  be separate and not tied to either organizations
  successes.
• Separate marketing and business development
  activities, train sales and marketing team to
  understand OCI mitigation

8
OCI isolation requirements

• Physical Separation
• Where possible establish remote facilities for
  fire walled employees. Establish facility
  security controls, pass/ keys access during work
  and non-work hours.
• Must physically separate those at common work
  sites providing controlled access to fire
  walled workforce. establish cipher locked
  workspace with separate employee identification
  security
• Customer site other facility controls again
  with access limited work space can facilitate
  this separation

9
OCI isolation requirements

• Data separation protection
• Controlling and protecting data is a critical
  element of successful mitigation
• Data access control must be established.
• Isolated employees must operate on separate data
  servers to prevent Transfusion.
• Recommend establishing an individual to control
  hardcopy, electronic oral sensitive information
  (COI avoidance monitor)
• Must define and understand data types, All must
  be considered Sensitive Program information.
• Procurement Sensitive - adversely impact
  acquisition planning
• Competition Sensitive - adversely affect the
  source selection process
• Proprietary Data - the legal property of the
  government, a company or individual

10
Data protection is the heart of the plan

• Managing Meetings under mitigation plans
• In meetings conducted or sponsored by personnel
  under the mitigation plan the chairperson shall
  be responsible for notifying all meeting
  participants of the scope of the meetings agenda.
  Any handouts, electronic projections, overheads
  or viewgraphs presented containing SPI must
  contain the following notice
• MATERIAL TO BE DISCUSSED TODAY CONTAINS SENSITIVE
  PROGRAM DATA ALL _____ PROGRAM AND OR CONTRACTOR
  PERSONNEL WHO HAVE NOT EXECUTED THE REQUIRED
  CONFIDENTIAL PROPRIETARY INFORMATION AGREEMENTS
  MUST EXCUSE THEMSELFS FROM THIS MEETING IMMEDIATLY

11
OCI isolation requirements

• Personnel Policies and Procedures
• Personnel and mitigation plan policies must
  ensure access to all necessary skill competencies
  both inside and outside the wall. The plan must
  address entrance and exit from the firewall
• Promotion opportunities must be consistent both
  within outside the firewall
• Personnel training must be established for all
  rostered employees to understand compliance
  requirements.

12
OCI statements agreements

• Nondisclosure Agreements are must be executed by
  roistered employees that will be inside the
  Firewall
• Compliance Statements are used to acknowledge
  training, accept and understand the plan
  requirements.
• Debriefing Statement are to understand continuing
  obligations

13
OCI review revision process

• The plan must include internal audit
  requirements to monitor enforcement and establish
  customer reviews
• Internal audit and reporting procedures must be
  established in the plan with enforcement controls
  that include termination and possible criminal
  prosecution. The contractor must encourage self
  governance and enforce non-attribution voluntary
  disclosures.
• Regular customer briefings are necessary to
  established to keep the customer advised of any
  mitigation plan controls and to assess any
  changes in the business environment or contract
  tasking that might introduce a change to the
  plan.

14
OCI isolation requirements

• Task Order Monitoring
• An OCI may not be apparent at the initiation of
  a Task order requirement but evolve during
  performance. Services requirements are
  particularly susceptible to these conditions
• Must screen for potential OCIs at task orders
  initiation and during performance
• Must have a process to screen potentially
  conflicting requirements including those of
  subcontractors

15
MITIGATION PLANNING BENEFITS

• For the Company
• Expands or retains business in areas that could
  otherwise be unavailable.
• Improves employee awareness of OCI issues and
  Improves customer confidence.
• Obviously administrative cost can be high and
  organizational disruption can be a negative.
• For the Agency
• Permits longer term planning and investment by
  private industry.
• Increases effective competition for government
  requirements.
• Improves agency visibility into potential
  conflict of interest.
• An issue in developing successful mitigation is
  always the timing of when to establish the
  controls

16
Questions and Discussion
ANSWERS
ANSWERS
QUESTIONS?
QUESTIONS?
ANSWERS
ANSWERS
QUESTIONS?
QUESTIONS?
ANSWERS
ANSWERS