Intelligence community calls for clearer organizational conflict-of-interest rules

The intelligence community is in need of clarity on the often-scattershot rules surrounding organizational conflict of interests for industry contractors, according to a white paper issued this month by a research group focused on national security.

A task force formed by the Intelligence and National Security Alliance, an organization of corporate and government officials, found that intelligence agencies generally follow their own sets of rules on the best ways to avoid, neutralize, or mitigate a conflict of interest among their contractors, often with varying results. And though the paper steers clear of a one-size-fits-all solution, it argues for consistency on the understanding and analysis of OCI rules.

"Our recommendations create the framework for a relatively simple remedy to OCI-related issues," said INSA Chairwoman Frances Townsend, who previously served as President George W. Bush's top homeland security adviser. "Clear guidance from the [Director of National Intelligence] and an advisory board that will facilitate regular communication between the government and its industry partners will save both taxpayers and the private sector time and money over the long run."

Organizational conflicts of interest typically occur when a firm has access to nonpublic information, or has questionable objectivity that would give it an unfair competitive advantage when competing for work. Conflicts could crop up, for example, when a contractor is asked to evaluate the performance of a competitor, or if a company is hired to prepare a statement of work and then bids on the same project.

"OCI policy is first and foremost a matter of principles," the report states. "At its heart, the intent of OCI regulation is to protect the integrity of the government's procurement process."

The task force found that personal conflicts of interest, such as those involving an individual's employment or financial relationships, are common, but violations of OCI rules in the intelligence community are rare. "We could not find a single case of a [intelligence agency] company violating OCI rules," said INSA President Ellen McCarthy.

The report found that private sector firms are employing a risk-averse approach to ensuring compliance with OCI policies, undertaking some extreme measures, including divestiture of certain company components.

While civilian and Defense Department agencies are guided by OCI rules spelled out in the Federal Acquisition Regulation and in the Defense Federal Acquisition Regulation, respectively, no such uniform guidance exists for the intelligence community.

For example, the CIA tends to engage in development contracts based on a specific mission with a small group of contractors, the report said. As a result, the agency generally attempts to mitigate, rather than avoid altogether, potential OCI conflicts. A typical mitigation strategy involves the use of a firewalled, nonconflicted subcontractor, a policy that critics argue is insufficient.

The National Reconnaissance Office, for its part, focuses on avoidance because its large platform contracts generally require a significant amount of systems engineering and technical assistance. The NRO has concluded that no firewall is sufficiently high to mitigate a conflict of interest, the paper said.

"The crux of OCI regulation is the language that determines whether mitigation is a preference or alternative to avoidance," the task force wrote. "The differing nature of contracts among the agencies and varying definitions used in terms of OCI resolution are the roots of inconsistent OCI regulation among the [intelligence community]."

Avoidance, the group suggested, often does not allow for significant flexibility to develop the most optimal contracts, while excessive mitigation or the issuance of waivers does not adequately protect the integrity of the government procurement process.

Late last year, the Pentagon issued a major revision to its OCI policy, requiring companies to voluntarily disclose any possible organizational conflicts of interest before bidding on projects. The rule, which is limited to major defense weapons systems programs and systems engineering and technical assistance contracting, does not state a preference for how to resolve an OCI.

And while several Pentagon-based intelligence agencies, including the NRO, National Security Agency, Defense Intelligence Agency and the National Geospatial-Intelligence Agency, are subject to the updated DFAR rules, most have adopted their own OCI policies, some of which run counter to the Defense regulation.

The task force argued that individual agencies are best-suited to determine which OCI regulations are most appropriate for them. "OCI policy is currently suboptimal," the paper said. "However, our interviews among the government procurement executives indicate that flexibility is useful. So, while inconsistencies do exist, it seems to be better to allow for flexibility given the spectrum of contracts across all of the agencies."

Nonetheless, the group called on the Director of National Intelligence to provide some form of operational guidance -- even if it simply states that agencies should continue to follow their respective policies.

The task force also called on DNI to establish an organizational conflict-of-interest board that would assess specific issues facing agencies within the intelligence community. INSA suggested it would hold periodic meetings of industry members as a companion to the OCI board.

In a statement to Government Executive on Thursday, a spokesman for the ODNI said, "based on the Defense Federal Acquisition Regulation Supplement final rule on Dec. 29, 2010, organizational conflict of interest determinations are under the purview of the agency contracting officer and we support that position."

Stay up-to-date with federal news alerts and analysis — Sign up for GovExec's email newsletters.
Close [ x ] More from GovExec

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Going Agile:Revolutionizing Federal Digital Services Delivery

    Here’s one indication that times have changed: Harriet Tubman is going to be the next face of the twenty dollar bill. Another sign of change? The way in which the federal government arrived at that decision.

  • Cyber Risk Report: Cybercrime Trends from 2016

    In our first half 2016 cyber trends report, SurfWatch Labs threat intelligence analysts noted one key theme – the interconnected nature of cybercrime – and the second half of the year saw organizations continuing to struggle with that reality. The number of potential cyber threats, the pool of already compromised information, and the ease of finding increasingly sophisticated cybercriminal tools continued to snowball throughout the year.

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

  • GBC Issue Brief: The Future of 9-1-1

    A Look Into the Next Generation of Emergency Services

  • GBC Survey Report: Securing the Perimeters

    A candid survey on cybersecurity in state and local governments

  • The New IP: Moving Government Agencies Toward the Network of The Future

    Federal IT managers are looking to modernize legacy network infrastructures that are taxed by growing demands from mobile devices, video, vast amounts of data, and more. This issue brief discusses the federal government network landscape, as well as market, financial force drivers for network modernization.

  • eBook: State & Local Cybersecurity

    CenturyLink is committed to helping state and local governments meet their cybersecurity challenges. Towards that end, CenturyLink commissioned a study from the Government Business Council that looked at the perceptions, attitudes and experiences of state and local leaders around the cybersecurity issue. The results were surprising in a number of ways. Learn more about their findings and the ways in which state and local governments can combat cybersecurity threats with this eBook.


When you download a report, your information may be shared with the underwriters of that document.