DCAA Compliance: What You Need to Know

Who or what is DCAA?

It’s an acronym, of course, for the Defense Contract Audit Agency. Their mission is to provide audit and financial advisory services to DOD and other federal entities responsible for acquisition and contract administration (straight from their website). The subtext of that mission is to ensure DOD gets the best value for every dollar spent on defense contracting.

The agency was formed in January 1965 under the direction of the Under Secretary of Defense (Comptroller) in response to a study directed by Secretary of Defense Robert S. McNamara. William B. Petty, former Deputy Comptroller of the U.S. Air Force, was appointed director of the brand new agency.

Previously, the various branches of the military had been responsible for their own contract audits, but there was little consistency in either administration or auditing. Joint audits began with the Navy and Army Air Corps in 1939 and a unified acquisition regulation, known as the Armed Services Procurement Regulation (ASPR) was established in 1947, but a single contract audit manual was not issued until 1952.

Once DCAA was authorized, they took over maintenance of the manual and today the Defense Contract Audit Manual (DCAM) is considered the definitive source of detailed processes and procedures for all government contract audits whether the contracts in question are awarded by DOD or by a civilian agency.

If DCAA is an Audit Agency, What is “DCAA Compliance?”

It’s really shorthand for compliance with all the cost accounting regulations of the federal government. Because DCAA is the largest, by far, of all the participants in government contract auditing, the phrase “DCAA Compliance” has become synonymous with federal contract cost accounting compliance. It’s probably not very accurate, but it’s handy.

When it comes to cost accounting compliance, there are really two sets of rules.

The first, and the one that applies to pretty much everyone, is the Cost Principles found in Part 31 of the Federal Acquisition Regulation (FAR). Those principles guide the treatment of costs from labor and payroll costs to bid and proposal expense – in great detail. Part 31 also contains extensive rules about what kinds of costs are “allowable” and can be passed on to the government either as direct charges to a contract or in the contractors’ indirect rates, and which are “unallowable” and may not be passed on to the government at all.

The second set of rules is known as the Cost Accounting Standards. Whereas the cost principles of the FAR are concerned primarily with allowability, the CAS is concerned almost exclusively with allocability – how the costs must be measured and allocated.

“DCAA Compliance” has one other connotation. In a DCAA audit report, they express opinions on the allowability of costs (FAR), the allocability of costs (CAS) and on the reasonableness of costs or “quantum” in accountant-speak.

A company is said to be “DCAA Compliant” when:

1. Their policies say the right things about the cost accounting treatment of their costs,
2. Their procedures describe the correct steps to do the right things with those costs, and
3. Their actual cost accounting practices match their policies and procedures.

The “who” and the “what” of DCAA auditing

DCAA, as their name implies, audits government contracts. They also audit contractors, but only in connection with one or more contracts that are themselves subject to audit. DCAA would not audit a contractor that supplied goods exclusively on competitively awarded firm fixed price contracts. If those same contracts were cost reimbursable, the contractor would almost certainly be subject to audit as an organization.

The contracts and contractors they audit are primarily those awarded by the DOD. But DCAA does perform a significant portion of the audits of government contracts awarded by civilian agencies such as NASA, DOE, EPA, DHS and the VA. DCAA is reimbursed by those agencies when they audit on their behalf. The other agencies have historically contracted for audit services to be performed by commercial audit firms such as CPA firms.

All the audits performed by DCAA, whether on behalf of DOD or a civilian agency, are governed by a written audit program. That program specifies every step of the audit process in excruciating detail from the notification of the contractor and the conduct of the entrance conference to the formulation of the report, its findings, and its distribution. DCAA’s audit programs are also utilized by civilian agencies as part of their own statements of work when they contract for audits by commercial firms.

All of the audit programs are made available to the public at DCAA’s web site here. All of their internal guidance to the agency’s auditors is also public and may be found here.

A visit to the Directory of Audit Programs should be the very first action by a contractor on receipt of a notification that DCAA will be auditing some aspect of its operations or one of its government contracts. If the type of audit described in the notification is unfamiliar, the contractor should ask which specific audit program will be performed prior to scheduling an entrance conference or auditor visit. The program will detail not only the steps of the audit, but the data and reports they may request during the audit. Forewarned is forearmed and knowing exactly what DCAA is likely to ask for before they ask can be worth its weight in gold.

DCAA does not audit the Department of Defense. DOD has its own audit agency for internal audit as do all the uniformed services and most other DOD agencies (such as Defense Intelligence Agency). Neither of these does DCAA compliance with labor laws such as the Service Contract Act (SCA) – the Department of Labor does that even in connection with a Defense contract.

The primary audits performed by DCAA

DCAA is required to provide a report of its activity for the previous Government Fiscal Year (GFY) to Congress by March 31st each year. In the 2019 report, published March 31st, 2020, DCAA described the audits they perform as four basic types:

Forward Pricing: Forward pricing audits are generally completed before contract award where DCAA evaluates a contractor’s estimate of its proposed cost to provide goods or services to the government. Forward pricing includes demand work—proposal audits, forward pricing rates, and estimating system audits.

Incurred Cost: Incurred cost audits determine the accuracy of a contractor’s annual allowable cost representations. Based on the findings of such an audit, DCAA expresses an opinion as to whether the costs are allowable, reasonable, and allocable to the contracts performed that year, based on government accounting and acquisition provisions.

Special Audits: Special audits are largely conducted after contract award. Most of the reports in this category are issued in response to requests from contracting officers. Special audits are associated primarily with costs arising out of claims and terminations.

Other Audits: Other audits can be requested by a contracting officer or initiated by DCAA. These audits focus on adequacy of the contractor’s Cost Accounting Standards (CAS) Disclosure Statement, compliance with cost accounting standards, review of contractor business systems, or compliance with the Truth in Negotiations Act (TINA).

If an audit is in my future, DCAA or otherwise, what should I look for in a cost accounting system?

DCAA compliance requires that your accounting and related business processes which collectively include policies, manual procedures and tools be compliant. Software alone is not audited for DCAA compliance or certified, nor approved as DCAA compliant. However, Unanet software has been reviewed by DCAA auditors at more than 2400 customer sites and, along with the customer policies and procedures, approved as supporting DCAA requirements.

DCAA compliance should be a result and a state, not a project of its own. Unanet is a well-designed system with features to enforce the GovCon rules and automate the GovCon specific processes (like calculation and application of indirect rates and project-based billing and reporting) can accomplish just that.

Unanet is purpose-built in-house by GovCon professionals, and is the only native integrated Cloud ERP solution built from the ground up to serve this unique market. DCAA compliance and audit confidence are foundational, not simply a goal to achieve—Unanet features support DCAA requirements at each stage. See what Unanet can do for your organization.

Posting revenue by type of contract saves time so that financial periods can be closed quickly and efficiently. We know that everything is closed on time and correctly. Unanet shone during our DCAA audit.

Want to learn more? Our 2021 GovCon Success Guide explains why building a robust, strategic business and technology foundation is the key to unlocking your firm’s full potential and will give you practical steps to improve your competitive posture in 2021 and beyond.