Acquisition officials, especially in the Defense Department, worry about why the roster of would-be federal contractors seems to contract every year. Small companies in particular seem to be departing. If could be, the ever-expanding list of rules are driving them away. To get perspective, the Federal Drive with Tom Temin spoke with long-time federal sales and marketing consultant, Larry Allen.

Interview transcript:

Tom Temin You’re combining a couple of ideas here, Larry, in that commercial acquisition is giving way to commercial plus tons of federal rules. And that is what’s driving companies that just can’t afford the compliance anymore. Tell us more.

Larry Allen Well, Tom, I’m here this morning to regretfully announce the obituary for commercial acquisition in federal government. And while the government used to have a commercial first buying method, which attempted to mirror commercial acquisition practices, the reality today is that the way that the government buys commercial goods and services really bears little or no resemblance to how they’re bought in the commercial market. And the result of that is reduced competition to specialized suppliers, higher prices, because there are more hoops that contractors providing commercial solutions have to jump through, and a lack of innovation. Because truly innovative companies may just sit on the sidelines rather than have to deal with some requirement that they do a robust check of all of their companies telecommunications devices to make sure they pass federal muster.

Tom Temin Right. A lot of these rules and requirements have not been baked yet into the Federal Acquisition Regulation. Correct?

Larry Allen A lot of them haven’t. And that’s alarming, Tom, because a number of them have. The one that I just referenced, the Section 889 telecommunications so far in government contracts under an interim rule, that we’ve been waiting for a final rule now for over two years. In the meantime, other things are coming right down the pike. The Department of Defense, for example, is expected someday to issue a final rule on [Cybersecurity Maturity Model Certification (CMMC)], basically setting standards for how contractors handle controlled unclassified information. But also things like greenhouse gases, software attestation over at [General Services Administration (GSA)], and whether and how you have good cybersecurity systems in your network.

Tom Temin Right. And I guess sometimes the government maybe doesn’t fully understand the costs, two businesses of complying with some of these requirements.

Larry Allen Right. They want to at the same time, Tom, attract new businesses, particularly small businesses. This administration has an initiative to do more business with small disadvantaged businesses where you can be a disadvantaged business of any stripe by having to pay more to comply with a new laundry list of government rules and regulations that impact your contract. You’re going to have a very tough time attracting these companies. As you implied in your opening, Tom, you’re going to have a tough time keeping some of the companies that have been in this market. It’s expensive to comply with new rules, and we see businesses leaving this market every year. I talked to a small business just last week that’s been in the government market for over 40 years. They’re looking hard, at whether or not they can even stay in this market. And the number one reason is, the number of new rules and regulations that they have to gear up for. They just don’t have the revenue to justify that type of investment.

Tom Temin Well, what can companies do? What is the forum if they want to state this to the government? What’s the best way to at least tell the government before you give up totally on the market?

Larry Allen Well, I think one of the things I’m encouraged by, Tom, is that there were a number of responses recently on the administration’s greenhouse gas rule. There was a lot of pushback, apparently, on the rule. And that’s just one example that proves the larger point. If industry sees new rules and things that make it more difficult for them to do business, they need to speak up. Speak up either individually as part of a larger group of contractors, like an association. They need to get involved in the regulatory process. They also need to let their elected officials know these jobs provide a lot of economic activity in your congressional district. Allowing new rules to go in every other day, threatens these jobs, threatens our local economy. It’s a message that absolutely needs to be put up and put up consistently. And I’d also recommend coming up with some recommendations for alternatives. You just don’t want to complain about what’s wrong. You want to try and come up with an alternative that people maybe can live with. This has worked in the past, Tom, when we’ve had people in Congress and in the executive branch who have been willing to have a true dialog with industry. I’m not sure if we’re in tha place today, but I hope so.

Tom Temin We’re speaking with Larry Allen, president of Allen Federal Business Partners. To switch topics here, the Office of Management and Budget has a lot of modernization refresh ideas that are related to the Biden administration’s national cybersecurity strategy, which came out just a couple of weeks ago. You’re skeptical there, too, that a whole lot of modernization might take place because of that.

Larry Allen I think it’s a great goal, Tom. The Office of Management and Budget coming out and saying we’re really super serious this time about modernizing IT. Who couldn’t be in favor of that?  We have the technology modernization fund that’s been around for a while. That’s not the only way modernization happens, but it is one way and it’s one that’s often touted. Significantly, the same week that OMB came out saying, rah rah, we’re going to modernize IT. The administration only put $200 million in the technology modernization fund budget request for fiscal year 24. On the face of it, that’s not a lot of money discretely set aside for modernization. Put that to end with the idea that this is supposed to be a ten year plan. Look, if you’re in industry, and even in government, you know that a ten year plan often can be superseded by events that come up over that lifespan, take more precedence over the original idea to modernize IT. And also that you can modernize I.T. best when everybody’s on the same song page. But that really is never the case or very rarely the case in federal IT. The Office of Management Budget would like agencies to modernize in a certain way. Agencies feel they have a better idea of what their mission specific needs are. Their laundry list may not match OMB. So while I think this is a great effort, Tom, we’ve heard this song before. We’ve never gotten to the end of the tune. I’m not sure that we’re going to get there now.

Tom Temin Well, quite a number of the applications and awards from the Technology Modernization Fund, and don’t forget there was a non-appropriated or appropriated via non-regular appropriations. I guess we should say, billion dollars from couple of years ago. I have trouble keeping track of them all, but which is not used up yet. But a great many of those awards did have to do with cybersecurity, and agencies have made progress there. And that’s a big piece of modernizing.

Larry Allen Oh, I think we’re making modernization in step, maybe not leaps and bounds,Tom. I’m not sure that we need another OMB program to do it, but now we have one. When I wrote about this for my newsletter this week, I put the title down that had something like, I think we’ve heard this song before. It doesn’t mean it’s a bad song. Could be a great song. But what it means is, it’s really not anything new. So I think in order for this initiative to be successful, there’s going to have to be more than a headline, more than a press release. It’s going to have to be a daily effort that OMB works on in coordination with the agencies.

Tom Temin And I guess, maybe, the other interesting question about the TMF, is that even at a billion dollars it’s only 1% of what we presume agencies spend across the board on information technology. And if a lot of it is for modernizing, including updating cybersecurity, why can’t agencies find 1% from what they’re doing, on average, to do that without the TMF?

Larry Allen Well, I think that’s a good question, that should not just be asked to CIOs, but should be asked to chief management officers. It’s not necessarily only a technological hurdle or a technological issue. Sometimes it’s a mission issue, whether or not you’ve got an agency that has internal mission priorities that the it has to be tailored to meet, or whether there’s some congressional or executive branch policy that agencies have to dedicate part of their budget to meet those requirements. So it’s not just the technology issue. If it was, I think you could probably solve it, but it’s mandates on where that technology spending has to go, sometimes driven by other than technology based realities.