A Kansas City-area construction company made false claims to obtain $13.8 million in government contracts through a program aimed at assisting businesses owned and operated by U.S. military veterans, the
Kansas City Star reports. Patriot Construction Co. won 20 government contracts by claiming that it was partially owned by a veteran. However, although co-owner Paul Salavitch was a service-disabled veteran, he actually was not involved in its day-to-day operations, as required by the U.S. Veterans Administration's Service-Disabled Veteran-Owned Small Business (SDVOSB) program. Instead, he was a full-time U.S. Department of Defense employee. Jeffrey Wilson, the co-owner who ran the business, was not a veteran. Federal prosecutors say the scheme prevented legitimate veteran-owned businesses from winning those contracts. Wilson has pleaded guilty to government program fraud, while Salavitch pleaded guilty to making a false writing.
Front and center among the lessons learned from this news story is that both the design and controls over well-intended government programs for special groups must be robust, adapt to changing environments and threats, and verified regularly for effectiveness. The consequences of failing to assess the design and controls are substantial. According to a 2011 VA Office of the Inspector General (OIG)
report on the program (PDF) — the most recent report I have found — "76 percent of businesses reviewed were ineligible for either the program and/or the specific [Veteran-Owned Small Business (VOSB)] or SDVOSB contract award, potentially resulting in $2.5 billion awarded to ineligible businesses over the next five years."
Here are the major kinds of issues and recommendations internal auditors should be thinking about when auditing these kinds of programs:
Eligibility. To be eligible to pursue contracts under the SDVOSB program, a service-disabled person has to own at least 51 percent of the business, control its management and daily operation, and hold its highest officer position. The application process and eligibility requirements for this VA program
are available online. However, verification of program eligibility relies heavily on the documentation applicants submit. According to the VA, this includes the resumes of all owners, directors, partners, officers, and other key personnel. The one- to two-page chronological resume should list the person's current and previous occupation, job description and duties, education, personally identifying information, dates, skills, and abilities.
Program Controls. Unfortunately, it does not appear that these documents are fully scrutinized and verified. The VA's OIG report found that the program's oversight and verification controls were inadequate. Relevant to this news story, the report noted that businesses were ineligible because the veteran owners subcontracted more work to nonveteran-owned businesses than allowed under regulations. In other cases, veterans did not really control or own the businesses. These program control problems have been longstanding issues for the VA. Tighter controls over verification of the status of subcontractors involved in SDVOSB applications is needed, along with better oversight and staff training, as noted by the VA's OIG.
Remedies. The VA has taken steps to redress the program's control weaknesses, including making several changes to program controls, policies, and human resources competencies. It also conducts unannounced site visits to companies that have been awarded contracts to catch fraud. This is how Salavitch was found to be working 40 miles away at his full-time job as a federal employee. More recently, the VA announced it will launch the "Seek to Prevent Fraud, Waste, and Abuse (STOP FWA)" initiative, which will leverage departmental activities that prevent or identify FWA and ensure a consistent approach to FWA risk management. More relevant to this story, the VA's Office of Small and Disadvantaged Business Utilization will roll out a new system to more effectively manage all aspects of verification as well as provide a single entry point for information, resources, and online applications.
Given all these changes, it will be interesting to see what the next full audit of the SDVOSB program looks like compared to the 2011 report.