S2:E1 Land of Eleven – 11 steps to avoid mistakes with $2T

05 May 2021



We’ve had a difficult year, year and a half. In researching and writing about fraud, waste, and abuse of public funds, I compounded this shared misery. I applaud and celebrate those who can and do fight injustices. Please keep going and accept my thanks.

I laid this project down for a while because I needed a break. It is so easy to see trouble when you look. And yet, troubles rub like sandpaper on me. I spent years as a kid on inner city ambulances responding to emergency calls; then later in life after a year in Iraq, I worked as a rural paramedic. I live with haunts and memories of injustices sufficient for any lifetime. Yet, as I write, I am watching a local turkey hen peck for food as she prepares to nest up this year. I have watched the same mother deer raise two from spotted fawns to spritely teenagers in our isolated hills of Vermont. It’s the balance that helps us survive and find joy.

I started to miss this research and podcast when during the spring I spotted a lovely crop of fraud happening within a few kilometers of my own house – at the site of a former New England college. Oh, look at that behavior. Look at that display and that strut. He’s about to do something really bold. I don’t have the facts yet, nor the full story. But like the deer, bear, turkey, coywolves, foxes, ravens, and other raptors that show us the struggles of everyday life (and that balance we all need), I see this emerging fraudulent behavior in the same way a raptor sees prey. With joy in spotting the prey and these hints of bad behavior, it decided I can return to my perch to hunt again.

Frankly, none of us must work hard to see fraudsters frauding, corrupt officials corrupting, and the maltreatment of public funds and public trust.

My focus shall continue to examine the intersection of public funding with public trust and corrupting behavior. As the teacher tells informs the author, write about what you know, I shall continue to focus on U.S. federal agencies involved in funding communities through grant programs. My particular favorites are Department of Homeland Security (DHS) and especially FEMA, the Federal Emergency Management Agency. The local fraud that I see percolating on the former campus nearby may be facilitate my former members of the U.S. Department of Education. And some of the ski area/land deal frauds here in Vermont seem to involve foreign investment. The components of my reporting and my stories will contain public officials and public monies.

My objectives involve ways of helping community leaders and public officials find techniques and tools to prevent fraud and prevent the maltreatment of our tax dollars. I doubt anything I uncover will lead to a conviction or vitalize an investigation. But if my research and my words helps one emergency manager, one elected official, or one grant management prevent a problem, then I consider myself successful. If any enjoy my stories, I’ll put another tick in the success column.

Let me own my biases. For a decade, I have responded to disasters in the United States, and I have been part of teams that managed over $10 billion in FEMA grant funds. My travels, my teams travels span half of the globe – from the Hawaiian Islands to the islands of Puerto Rico. My work with the U.S. federal government has carried me from the north coast of Alaska to Iraq and around Europe. Since the age of 18, I have been committed to public service: volunteer firefighter, EMT/paramedic, chief of EMS agency, board member of state-run entities, and board member of municipal entities.

I want people to do better. I see that part of the failure rests with failure in the tools and resources available. To that end, I am part of a team that designed, wrote, sells, and supports software that strives to prevent fraud, increase transparency, and decrease the risks of managing public grant funds. This podcast and associated blogs carry my lifelong interest in identifying the risks of fraud and working to prevent fraud. Associated with my efforts to speak publicly on these matters, I also derive income from software called Tempest-GEMS. I promise you that I will entertain, frustrate, and challenge you. Furthermore, I promise that whilst our product maybe a solution to some in some cases, this podcast is not a long running ad. Fair enough?

At my end of my digital fingertips, and yours too, stands an endless supply of material, and a source of many of my stories – the Inspector General reports that get published monthly. With the closing of each calendar month, the IG offices send reports. My subscription to the DHS report results in an emotional response. These responses vary from “Oh, no, not again” to dread to humor to shameful regrets on behalf of others. Some of these cases are known very well to me – sometimes I read the names and know I have met the people mentioned; sometimes I know I have some sort of connection to the situation. I’ll strive to avoid shaming or blaming my fellow humans by name or inference until they are officially named with arrests or indictments. From that point, I’ll try like hell to include the phrase “alleged”. By the time an individual is arrested and named on indictments, law enforcement has had a long, long look at the evidence and facts.

While still not shaming I want to identify the critical issues, the flaws, and the core issues. Yes, there are genuine crooks in the field, as grant managers and working as public servants. So many of the issues the IG finds may be accidental or unintentional. Together we can avoid the unintentional and maybe create an environment where the crooks get spotted more quickly or find the environment less inviting. Not a bad goal, huh?

The rules that the U.S. federal government uses for grant funding resemble the grant process from global organizations such as the U.N., World Bank, and others. Organizations and governments issue money with explicit instructions for accountability, accounting, and integrity. Paperwork and proof document flow up to the funding sources. The rules, when viewed from the distance of 1,000 meters make sense. Frustratingly for all of us, the rules seems rigid and cumbersome when underfoot and applied to the small patch of the earth we each call our own.

Twice during the recent decade, my team and I have performed detailed analysis of the DHS OIG reports. We first filtered for those that examined FEMA funding that went to grant applicants. These tend to be governmental or governmental-like organizations. Each time, we found that over 75% of the cases that DHS OIG explored involved failure.

When standing in front of audience (back when I could), I boldly state that 75% of FEMA grant applicants have failed at following the rules, the law, and/or the regulations. I want to scare people. Statistically speaking, I acknowledge the sampling involves skewing. The inspectors do not randomize the data. Second, I know that the inspectors respond to tips provided. The inspectors know where to look for problems. Then, of course they find them.

My anecdotal experience is similar though. For nearly a decade I have been brought into help grant fund recipients. Nearly 90% of the time, the recipient has already gotten into trouble. Ignoring the mathematical accuracy of the findings, the error rate within FEMA grants is huge. Whilst one error may be benign and forgiven, in another setting or another region, that same error results in lost funds and investigations.

The U.S. federal government is providing nearly 4 trillion dollars to assist with the management of coronavirus. $2 trillion through the CARES Act and more then followed. Much of this money will be provided to organizations as grant funds. I fear that people will focus on the urgent needs, the pressures of the day, and miss the importance of following federal law. In a few years FEMA and the Inspector General will review these grants and the associated paperwork only to discover that the grant fund recipients did not follow federal procurement law; or that they did not keep the necessary documentation; or that they did not use standardized FEMA pricing guidelines when applicable.

The made-up story that goes through my head revolves around Fenway Park in Boston – the city where I was born. It was a mass testing site and I think it has been a mass inoculation site. So cool right. Go to the oldest major league ballpark in the country to get jabbed – buy a hat and brag a bit. Press covered the story, I saw it on my local news.

All of that bit is true. The made-up bit deals with the entire financial aspect. Someone will ask FEMA to pay for this effort. Did the organizers get three quotes from possible sites? What did they do to test for cost reasonableness? Did they advertise for the need? Was this a sole source contract? As for all the other costs… do they have the correct overtime records from the Boston Police Department? Do they have reasonable rates for all staff? Do they have all of the invoices, time records, and proof of payment for everything? Will they have all of this in the five years hence? Federal procurement is a series of steps. The one that should be most-often used involves a sealed bid. When done well, it results in eleven documents – which roughly pairs with eleven steps.

Sure, Fenway park is a great place for this or these events, but within a short distance is Boston University Nickerson Field, Harvard Stadium, Soldier Field, even Boston Common/Boston Public Gardens. Boston has a lot of sites that may well have met the basic requirements giving Fenway competition for the day’s rental.

If the procurement for a venue related to the COVID-19 response was not full and proper, who then pays that bill?

The rules exist to curtail corruption. Breaking these laws may indicate corrupt behavior and public fraud. Which way to do we want to go?

Frankly, I’d prefer not to pump public tax dollars directly into criminal’s pockets. Following the rules can be a pain in the ass, I know, I‘ve done it.

On March 4th of 2021, the DHS OIG published a report illustrating a cascade of failures related to procurement rules.

The March fourth report hides behind the wrong name on it – well so I think anyway, and I often think so. The titles, and their writing style often obfuscates the meaning of the report. Of course, I am wrong, and the IG is right. The DHS Office of Inspector General has authority and jurisdiction over activities of its own agency. Eyes and fingers do occasionally pry over the fence into the activities of the states (a term that includes territories and such). Normally, if the IG has blame it lands it squarely on its own organizations, such as FEMA.

With an experienced eye, the blame covers all involved.

The IG states: “FEMA’s Procurement and Cost Reimbursement Review Process Needs Improvement”. Oh, ok. No kidding. By the way, for those reading along at home, this is report OIG-21-26, the 26th report in the federal fiscal year of 2021. In the IG’s summary, they wrote:

The Federal Emergency Management Agency (FEMA) did not ensure that, following Hurricane Irma, procurements, and costs for debris removal operations in Monroe County, Florida, met Federal requirements and FEMA guidelines. Specifically, FEMA did not adequately review local entities’ procurements for debris removal projects and reimbursed local entities for questionable costs. These deficiencies were due to weaknesses in FEMA training and its quality assurance process. As a result, FEMA approved reimbursement to local entities for nearly $25.6 million (more than $23 million in Federal share) for debris removal projects, including contracts that may not have met Federal procurement requirements and more than $2 million in questionable costs. Without improvements to FEMA’s training and project review processes, FEMA risks continuing to expose millions of dollars in disaster relief funds to fraud, waste, and abuse.

Monroe County Florida includes the keys with the county seat in Key West, a famous island at the end of the Keys. Hurricane Irma hit and made a big mess. Initially, FEMA offered 75% reimbursement for the cleanup and recovery costs. Two years later, FEMA increased the reimbursement level to 90%. This happens when financial thresholds are hit within the state and following approval by the federal government. 90% reimbursement remains historically uncommon.

Normally, contractors clear debris. Contracts when funded by U.S. federal grants must follow U.S. federal procurement laws. This burden passes through to the smallest of entities, tiny towns like my own in Vermont, and it certainly passed to the government of Monroe County Florida.

Florida gets hit with hurricanes. In fact, Florida is so frequently hit with hurricanes, they host their own hurricane conference. Emergency management professionals, elected officials, state people and vendors spend several days discussing hurricanes: planning for, preparing for, recovering from… hurricanes.

I just went to Wikipedia to see if Florida was represented in the photographs. So sadly, I can not say: If you look up hurricanes, you’ll find a picture of Florida. But close enough, right.

Hurricanes in the United States bring to mind: Florida, Louisiana, Texas, the Carolinas.

The IG reviewed five procurement cycles in Monroe County related to debris clean up from Hurricane Irma. The total value of the resulting contracts was more than $25 million dollars. Which is about 20 times the annual operating budget for my tiny town in Vermont.

The IG points out that the FEMA staff failed to gather and review the correct procurement documents. FEMA staff failed to have the right training. FEMA staff did not have the control mechanisms to ensure that FEMA staff did their jobs. The IG states the contracts may not have met the federal procurement requirements.



Er… If Monroe County Florida had executed procurement in accordance with federal law and if they fully understood their legal obligations resulting from receiving federal grant funds.

Sure, FEMA failed to get the documents.

But Monroe County did not submit them. So,  did Monroe County execute procurement correctly? In failing procurement, were the jobs completed for reasonable costs? Was the debris disposed safely and according to law?

I can’t assume, so I won’t. Let’s all make believe that Monroe County did their jobs perfectly and the fail point exists between the county and FEMA.

$25 million is a goodly amount of money. Money provided help clean up debris following a significant hurricane. Monroe County, the Keys, is home to 74,000 people. Had the IG proven that Monroe County failed at their procurement, thereby opening the door for fraud, this cleanup bill of $25 million would have been carried by the people of the county. Each resident contributing about $340 towards the bill. Or maybe the State of Florida pays the bill. Then the residents of Florida have that unexpected hit to their budget.

The point is that when federal grant fund are pulled back due to errors, the costs shift from the population of the United States, roughly one-third of a billion people, to the state or even local jurisdictions.

In April of 2021, CoronaVirus response is costing the United States at least $4 trillion dollars.

I’d like to know that the procurement for Fenway Park, or the Jacob Javits Center, or Brattleboro Union Middle School, or the venue near you will be reimbursed by the federal grant funds. I want to know that those responsible for coordinating this response understand the massive financial and procurement burden that they also have.

With whim, I searched “FEMA procurement checklist” on the internet. I possess expertise on U.S. federal grant management practices and on federal procurement law. Our software provides a score card on procurement and contracting efforts. I wish our customers used those features a lot more, our tool keeps score and advices on critical steps and critical documents. The PDF version has 14 pages and 98 steps. Conversely, the FEMA on-line or web-based version has 16 steps. The FEMA web-based version includes the following phrase:

This is not an on-line form which can be used to save your answers.

I also found a 2018 PDF version that has a two-page checklist.

Interestingly, all versions are incomplete. Few are helpful. Each checklist I see contains a bias. The 2018 checklist emphasizes conflicts of interest and small business and minority owned businesses.

So FEMA publishes three versions of a procurement checklist. Each with different emphasis. Each with different bias. None meet the needs of a grant manager. None inform the user of the checklist of the risks, the priorities, and the importance of the steps.

During the 2008-2016 presidency, the executive government consolidated the various laws related to grants. You’ll find these laws under the citation 2 CFR 200. As the law started it roll out, 2CFR200 was known as the “super circular” and other odd names. It replaced several other bits of law. The shifts were not significant and generally brought uniformity.

Two part of the law are completely screwy and make my head hurt. Yes, they are logical within the narrow in the context of United States law. There is that phrase in the Constitution that affords for state’s rights. The states granted the federal government certain rights and any rights not granted to the federal government are thus retained by states.

What does that mean here?

First, the United States federal government may not impose its federal procurement regulations on a state government. File that under “state’s rights”.

Second, because federal law may then be in conflict with state law, 2CFR200 says that the recipient must follow both laws — or follow which ever law in more restrictive.

This means that the federal government codified the procurement laws, regulations, etc for all 54 or 58 states and territories. Some states, Arizona is one I think, passed a law that says: Hey all, our procurement rules follow the federal rules. Some states, like Vermont, have no such law and no unified procurement policy. The 238 towns in Vermont must discover this on their own, then learn to follow the federal law.

Failure to follow state law is a violation of federal law.

See, it hurts doesn’t it?

Another step down this muddy and murky path… it is required that an organization follow its own internal procurement policy as well. Seriously, FEMA won’t really notice, but if you fail to follow your internal policy, you violated federal law. Oh?

On this 14 page/98 item check list, FEMA chose to include items not in the federal law. In a situation where people struggle to follow the law and seek a checklist, FEMA decided to include it s internal recommendations.

FEMA will not, even cannot, discuss prioritizing elements within the federal procurement law. We cannot expect them to. For example, FEMA appears to be instructing its staff to ask:

Does the contract restrict any contractors and subcontractors from using DHS’s seal, logo, or flag without express permission?

And this phrasing:

Does the contract contain a provision stating that the Federal Government is not a party to the contract and is not subject to any obligations or liabilities to any party under the contract?

Both of these elements are not in federal law. They are strictly recommendations by FEMA. Frankly, DHS’s seal, logo, and flag are in the public domain, as they are owned by the United States federal government. There are three laws that prevent the use of government logos and seals from being used with fraudulent purpose. Such it is a violation of law to make an identification card with a DHS logo; it is a violation of law to affix a federal seal to documents. That’s a serious tangent. Forgive me.

Maybe it is not a tangent. Because the user of this form and other related checklists employs the list to aid in complying with complicated law. If the checklist includes some things not in the law, missing other things in law – then the check list is factually wrong.

If the checklist has 98 elements and is 14 pages, let’s call it cumbersome to use.

If the checklist is 1 or 2 pages, then it is overly simplified.

What should one do?

The first answer is find, recruit, hire, or contract experts to help.

Another answer is to find tools and resources that provide real help.

How have I prioritized the federal procurement tangle?

I study the auditors, who serves as defacto law enforcement agents here. Every month the Department of Homeland Security Office of Inspector General publishes reports. They provide a detailed inventory of other people’s mistakes.

If we all nailed, completed, complied with the hot issues IG finds month after month after month with procurement, we’d do better.

These hot issues revolve around the core elements of the federal procurement law. First, when ever possible use a fair, open, and public bidding process. Seriously in all cases, even down the case of paper for the printer. Ok, maybe don’t bid out the case of paper, but make sure that your selected vendors are providing fair and honest prices. As the amount of money increases, the more fairness, openness, and public-ness matter.

When you cross the $250,000 threshold, also called the simplified acquisition threshold: fairness, openness, and public-ness matter a ton. If in doubt, bid it out. There are eleven steps and eleven documents to gather.

When bidding things out work towards fairness: include small businesses, minority owned business, etc. How? Your state has a mailing list. Your state maintains a list of registered businesses that meet these criteria. Find that agency, send them your bids – or whatever. They’ll help you reach this audience. The first time is tough, the second time is routine. Done!

When working through the evaluation process, be fair and be open. Keep the bloody door open, evaluate the bids in public, keep notes, keep an accurate and fair scoring process. All of these things become part of your records.

When making the award, inform people, be public about it. Write letters to the non-winners . Then award a real contract. Contracts have lots of words and are very long. When dealing with federal funds contracts get really really long and have lots and lots of words. 2CFR200 and FEMA have hundreds of phrases you must include. Let’s make a source for that in text, then do a copy/paste. First time is tough. The second time is routine. Done.

What are the eleven steps? Eleven documents?

  1. Written rationale for procurement method… (which process and why)
  2. Create a bid packet: complete and clear
  3. Issue public invitations to bid
  4. Invite traditionally disadvantaged businesses to bid
  5. Advertise the bid publicly
  6. Gather proof you advertised publicly
  7. Host a public meeting to open bids, keep minutes
  8. Validate bidders are not debarred or suspended by your state and the federal government
  9. Use, complete, and keep a bid tabulation or bid scoring thingy
  10. Issue a letter of intent to the winner
  11. Issue a contract with all of the provisions required by federal and state law (copy/paste)

That’s eleven.

What are the documents?

  1. A quick memorandum stating that expected cost is x and that you are using a sealed bid process to comply with federal and/or state law. Save as PDF.
  2. The bid packet, complete and clear. Save as PDF.
  3. A copy of the advertisement(s) this may include screen shots of the bid boards or online tools uses to communicate. Save as PDF.
  4. Copy of email or process of communicating opportunity to DBE. Save as PDF.
  5. Save copy of public notice or advertisement with date and context in PDF, of course.
  6. If you paid for any ads, save the proof of payment in PDF. If you did not pay for ads, write a brief memorandum stating you did not pay for advertisements, save in PDF.
  7. When hosting the public meeting, save the attendance roster and meeting minutes in PDF.
  8. Go to Sam.gov (a website) to look up the vendor. Print results in PDF. If not found, print the proof you looked and they were not found. If found, print the findings to show they are not debarred. Keep this document as a PDF.
  9. Issue a letter of intent to the winner, yes, keep a PDF.
  10. And the contract, in PDF, of course. Do that copy/paste thing to include those thousands of required conditions that the vendor must follow.

I am a part owner of a software development company. Most of my contract state that we must comply with the Clean Water Act and the Clean Air Act. Some contracts include provisions related to construction labor laws. They have no relevance to the nature of our work, yet everyone remains in compliance with these words sitting in a PDF document. Done.

Eleven steps, eleven documents.

If you are spending a smaller amount of money, what three steps and what three documents are required?

  1. Written rationale for procurement method… (which process and why)
  2. A debar check at Sam.gov
  3. The purchase order, contract, or what ever paper instrument is used, even the on-line order form saved, of course as a PDF.

Grant applicants can make a lot of mistakes but as long as folks strive for fairness, openness, and actively take steps to provide good stewardship of federal funds, you’ll be better off than the majority.

Of course, when working with FEMA or any other federal agency on grants, these PDF documents provide the proof that you are stepping in the right direction.

Trying counts! Yoda may disagree. FEMA may occasionally disagree. Trying to follow the rules while documenting your attempts is a huge step towards good. And good can be good enough.

We’ve got trillions of dollars flowing through dozens of grant programs funding our shared slog through the coronavirus pandemic. Money of this magnitude tempts crooks and fraudsters. One defense against these criminals is a unified-ish set of procurement rules, transparency on the process, openness, and fairness.

When people start shielding their work, obscuring their process, limiting the audience or participants in the contracting process, we may be seeing hints of criminal activity.

I find an eleven-step checklist tolerable. I find a three-step checklist even easier. While a 98 item checklist that includes errors only makes process more difficult and by introducing complexity, promotes the very behavior we all wish to curtail.