With future wars being fought in cyberspace, our national security goals are highly reliant on effective and timely acquisitions of advanced information technology capabilities, especially within the command and control and secure information sharing domains. Unfortunately, few defense IT programs deliver on time nor on budget in spite of over half of the budget going to consultants and system engineering and technical analysis (SETA) contractors. Clearly, we are not getting the promised value, and an investigation into this problem reveals very troubling patterns of fraud, and deepening conflicts of interests resulting from unenforced Federal IT Acquisition Reform Act (FITARA) and Federal Acquisition Regulation 9.5 conflict of interests rules. To make matter worse, misapplication of Other Transaction Authority (OTA) and FAR 6-302 sole source rules has undermined transparency, and prevent fair and open competition.

Congress has seen these patterns and put in place laws designed to protect both the taxpayer and the mission owners, including the Clinger Cohen Act of 1996, FITARA and the related FAR Section 9.5 that prohibits SETA contractors from using their insights and influence to gain an unfair advantage or worse, commit fraud. SETA contractors fill a critical role in helping guide major investment decisions with limited conflicts as they are prohibited from delivering any material solutions as this would create an unfair advantage. Unfortunately, some seek to be both advisor and performer by using an unenforceable organizational conflict of interest (OCI) mitigation plan. The Defense Information Systems Agency’s Thunderdome, a replacement for the failed Joint Regional Security Stack (JRSS) and awarded to Booz Allen Hamilton, appears to reward poor past performance and ignore potential conflicts of interest.

Due to the IT talent gap, many agencies have outsourced much of their critical thinking to these SETA contractors, and some federal system integrators (FSIs) have used this opportunity to increase profits by gaming the system to their advantage in spite of FAR rules. Some major technology companies have sought to influence government contractors through kickbacks, job offers and special discounts. The IT Acquisition Advisory Council (IT-AAC) documented these abuses with the $10 billion JEDI cloud procurement and wrote Congress to expose the unfettered abuses. The JRSS is another example that IT-AAC challenged when the Defense Department awarded a sole source contract to Booz Allen Hamilton (BAH) in 2016. More recently BAH won a $1.65 billion Centers for Disease Control and and Prevention IT modernization contract after receiving a $7 million SETA contract with the CDC CIO, another case of what seems to be unfair competition.

Over the past couple of decades, major defense contractors like Lockheed Martin, SAIC and Northrup Grumman have spun out their SETA business units to avoid the appearance of conflicts of interests, while others have devised plans to circumvent the rule of law through revolving doors, OCI mitigation plans and lobbying. That has undermined the innovators and rewarded those willing to put profits ahead of national security. It is time for the DoD inspector general, chief information officers and program managers to enforce the conflicts of interest rule with major national security IT programs as these corrupting forces are enabling our adversaries to catch up technically, as seen within Russian, Iranian, North Korean and Chinese state hackers who are taking advantage of our inability to deliver. DoD’s failure to embrace commercial innovations critical to war fighting has become the deputy secretary of Defense’s top priority, as seen with the elevation of the Defense Innovation Unit (DIU) and the growing embrace of public-private partnerships that are free of rice bowls.

As many recognize, IT acquisition has become a very lucrative market worth hundreds of billions as it is both critical to our future national security, but also a target for fraud, waste and abuse. As such we are seeing some suppliers go to great lengths to undermine fair and open competition as seen with increased lobbying, misuse of OTAs, revolving door influences and means of skirting FAR 9.5 conflict of interest and false claims rules. OCI protests have forced most FSIs to spin out their SETA divisions to avoid conflicts of interests, while others like Booz Allen Hamilton and Deloitte have seemingly sought ways of profiting from unenforced revolving door and unenforceable OCI mitigation plans that allow them to both advise and perform on lucrative IT programs.

Unfortunately, this game requires complacent government officials, who may have hopes of gaining employment with their supplier (BAH, Microsoft, Amazon Web Services, ServiceNow and others) where the revolving door is spinning faster than ever. Enforcement of OCI is hard because those who have complained or protested face reprisals or have found themselves on the agency’s hidden blacklist. “Snitches get stiches,” as the saying goes.

Congress, the Government Accountability Office and the Justice Department must act to stop this type of systematic corruption before we lose the next war fought in cyber space. Congress must enforce FAR 9.5 rules by banning OCI mitigation plans. GAO must uphold protests where the contractor has significant influences in program design and selection. And DoJ must stop allowing contractors to buy their way out of enforcement as we saw with the record $377 million False Claims Act settlement with Booz Allen.

Russia used to be a superpower, and has become a second rate power due to unfettered corruption. If we do not change our ways, we will end up in the same category while we watch the rise of China.

Congressional and executive branch inaction is not an option. It’s time for lawmakers and agency leaders to ensure the rigor of oversight is applied to contractors who are putting our national security at risk by ignoring conflict of interest rules. More and more agency heads are telling their contractors to choose between advisor and performer.

John Weiler is cofounder and executive director of the IT Acquisition Advisory Council (IT-AAC.org), a public/private partnership dedicated to driving commercial innovations and fair/open competition in the public sector.